
Vulnerability in Google's login page allows infecting a victim's PC with malware


by sigismund » 2016-08-30 18:27:01


The company is in no hurry to fix the vulnerability.


British security researcher Aidan Woods has discovered a vulnerability in Google's login page that enables attackers to load files onto the user's computer when the user clicks the "Login" button.

The problem is that Google accepts continue=[link] as a URL parameter of the login page, telling the Google server where to redirect the user after authentication. The company foresaw the possible risks associated with this parameter, so it restricted its use to google.com domains only, using the pattern *.google.com/*, where * is the wildcard character. This means that links to drive.google.com and docs.google.com can be considered valid values of the continue parameter.

As Woods explained, an attacker could upload malware to their account on Google Drive or Google Docs and hide its URL in a link to Google's official login page. Users who receive a phishing email with the link will be sure that it is a legitimate page. After the login process completes, malicious software will be loaded onto the victim's computer without her knowledge.

Woods told Google about the problem, but did not receive any response from the company.
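Added example, not part of the original post and not Google's code: a Python sketch of the post-login redirect check described above, comparing the *.google.com/* wildcard rule with an exact host and path allowlist. The allowlisted destinations, the helper names and the sample URLs are assumptions made up for illustration.

```python
from urllib.parse import urlsplit

# Hosts that serve user-uploaded files (the two named in the post).
USER_CONTENT_HOSTS = {"drive.google.com", "docs.google.com"}

# Hypothetical allowlist of exact post-login destinations (assumed values).
ALLOWED_DESTINATIONS = {
    ("accounts.google.com", "/ManageAccount"),
    ("mail.google.com", "/mail/"),
}


def _https_host(continue_url):
    """Return the lowercase host of a plain https URL, or None if unusable."""
    try:
        parts = urlsplit(continue_url)
        port = parts.port  # raises ValueError on a malformed port
    except ValueError:
        return None
    if parts.scheme != "https" or not parts.hostname:
        return None
    if parts.username or parts.password or port not in (None, 443):
        return None
    return parts.hostname


def wildcard_check(continue_url):
    """The rule as the post describes it: any https URL on *.google.com/*."""
    host = _https_host(continue_url)
    return host is not None and host.endswith(".google.com")


def strict_check(continue_url):
    """Exact host+path allowlist; user-content hosts are never a destination."""
    host = _https_host(continue_url)
    if host is None or host in USER_CONTENT_HOSTS:
        return False
    return (host, urlsplit(continue_url).path) in ALLOWED_DESTINATIONS


def compare(urls):
    """Map each candidate continue value to (wildcard verdict, strict verdict)."""
    return {u: (wildcard_check(u), strict_check(u)) for u in urls}


if __name__ == "__main__":
    # Constructed sample values for the continue parameter.
    for url, verdicts in compare([
        "https://accounts.google.com/ManageAccount",
        "https://drive.google.com/constructed-file-path",
        "https://mail.google.com.example.org/mail/",
    ]).items():
        print(verdicts, url)
```

The wildcard rule accepts the Drive URL because it only looks at the domain suffix; the strict rule rejects it because a host that stores user files is never a valid destination.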