31 December 2012
Category: Hacks
31 December 2012,
 0

Killing a bounty program, Twice (HITB 2012 Slides) by Nir Goldshlager, Itzhak (Zuk)

1.Google Picnik File Inclusion (Shell on Google server), The Picnik is Over!2.

Google Affliate Network, Hijack any user account by permission vulnerability,

3.

XSS in blogger.com

PoC Videos:

Google Books DOM XSS:

http://youtu.be/VD3nMsAF1HY
Google Calender Stored XSS: 
http://youtu.be/2MtAQil9kKs
Google Analytics, Cool Stored XSS: 
http://youtu.be/2wyJOlTfmaA
Google Friend Connect Stored XSS: 
http://youtu.be/NZK43_OPuFI
Google Knol, Access to privates docs using Google Knol Translator Tool: 
http://youtu.be/Tuv8ZYgNqp0
Google Feedburner Stored XSS:
http://youtu.be/ShA6ojZHAOQ
To Be Continue 😉 Enjoy….

Leave a Reply

Your email address will not be published. Required fields are marked *