You are here: Home / Uncategorized / Google Cross Domain Bug Proof of Concept

Google Cross Domain Bug Proof of Concept


October 11, 2008 By Leave a Comment

Google’s Gmail service suffers from security flaws that make it trivial for attackers to create authentic-looking spoof pages that steal users’ login credentials, a security expert has demonstrated. Google Calendar and other sensitive Google services are susceptible to similar tampering.

A proof-of-concept (PoC) attack, published by Adrian Pastor of the GNUCitizen ethical hacking collective, exploits a weakness in the google.com domain that allows him to inject third-party content into Google pages. The result is this page, which allowed him (at time of writing, anyway) to display a fraudulent Gmail login page that displayed mail.google.com in the browser’s address bar.

Download Mozilla Firefox now!

Filed Under: Uncategorized

Sharing is Caring!

    • Related Posts:

    1. Bing.com accepting Google but doesn’t accepts Microsoft as it’s Sub-Domain. Im having the Proof
    2. 4 Characteristics of Good Domain Name
    3. Dreamhost Hosting Discount: Webhosting + Free Domain for just $2.95
    4. The Google Image Search Engine Gets Makeover
    5. Google Updates Chrome EULA
    6. 5 Exciting Tricks to Have Fun with Google Search

    		 We'll send more interesting posts like Google Cross Domain Bug Proof of Concept to you!
    Enter your Email Address:
    Join us on Facebook.

    Article by Sai Sandeep Thota

    is a Part-time Blogger as of now. He is a Freelance Programmer, WordPress Enthusiast.
    You can follow him on: Facebook | Twitter | . If you like this post, you can follow us on Twitter. Subscribe to GadgetCage Feeds via RSS or Email to get instant updates.

    Sai Sandeep has written 330 awesome articles for us.

    Speak Your Mind

    *