| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <fe37588d1002120037h4940625bh59140554224bde82@mail.gmail.com> Date: Fri, 12 Feb 2010 00:37:18 -0800 From: Kristian Erik Hermansen <kristian.hermansen@...il.com> To: full-disclosure@...ts.grok.org.uk Subject: Google Buzz and blind CSRF attacks Greetings, Google Buzz is an incredibly useful new social networking service. However, it is also quite vulnerable to persistent CSRF attacks when data is pulled from external data feeds. For instance, I encourage you to follow me me on Google Buzz by utilizing my profile below and clicking "FOLLOW". You can probably also search for me in Google Buzz's interface within GMail as well. http://www.google.com/profiles/kristian.hermansen http://kristian-hermansen.blogspot.com/2010/02/google-buzz-csrf-test.html My proof-of-concept merely executes a denial of service against Google Buzz users for which the only recovery is to disable IMG tag loading, reload Google Buzz, and either "mute" the posting or unfollow me permanently. This is non-intrusive PoC to demonstrate weaknesses and the ever-increasing need to protect against CSRF attacks. I hope you enjoy the demonstration. Cheers, -- Kristian Erik Hermansen http://www.linkedin.com/in/kristianhermansen _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists