| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-id: <4DA4D751.20697.74EFE74A@nick.virus-l.demon.co.uk> Date: Wed, 13 Apr 2011 10:50:57 +1200 From: Nick FitzGerald <nick@...us-l.demon.co.uk> To: full-disclosure@...ts.grok.org.uk Subject: Re: Google Search Feature Exploitation Scenario Cal Leeming wrote: > Didn't seem to wrok for me: > > http://www.google.com/search?hl=en&q=easyratemortage+tax+deductible+mortgage > +refinancing+strategy&btnI=AaEbK6r0Kz0r9JU4b It certainly did when I first reported that URL back in Sep 2007. A far from exhaustive bit of testing just now shows that it appears that Google is doing a Referer check on just those search terms (not just on the order), as you can do an "I'm feeling Lucky" search _from Google_ for those terms and get auto-redirected to the top search result, but if you just hit one of those search URLs with the IFL flag, you get the search results rather than an auto-redirect. Did you think to try some less well-publicized URL abusing this functionality? I wonder which other (if any) IFL abuse URLs that have been used in spam, scams and such Google blocks? Regards, Nick FitzGerald _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists