Gmail Security Flaw Proof of Concept

by admin November 24, 2008 at 12:20 pm
0 Comment

Is it possible for someone to create a malicious filter without having access to your Gmail username and password? No, however, they can force you to create the filter without your knowledge.

The blogosphere is buzzing about a Gmail Security Flaw that has caused some people to lose their domain names registered through GoDaddy.

To understand how this exploit works let me first explain how I would carry it out (if I were a blackhat). Then we can move on and explain the exploit in detail. Let’s use a current example and assume that I was trying to steal MakeUseOf.com and I already knew it was registered by GoDaddy. Let’s also assume that I knew the owner’s Gmail address. I would want to create a filter like the one in the image above, where all email sent from GoDaddy Support was automatically deleted and forwarded to my email address.

Read more: geekcondition.com

Related Content
Realme C15 Launching in India on August 18: Everything We Know So Far
Facebook’s CEO to meet PM Modi today
Firefox 4 Beta 1: A Visual Tour
Now, access Facebook on mobile devices for free
more news from the blog
Microsoft to Release Windows 7 Release Mid ’09, Reveals Vista Improvement Program
Disney to Acquire 30% Hulu Stake, Full ABC Shows on the Way: Report
Fraps 2.9.9
JPodCast Player 0.3.3 Alpha
EZBack-it-up 2.0.1
Eric Schmidt: Google ‘Unlikely’ to Buy Twitter
Sociagami 1.0
XviD4PSP 6.001 Beta
Expect strong iPhone sales in UK and Europe
'Storm Worm' sweeps the globe
Strider URL Tracer 1.0.1.0
Microsoft researchers follow Web spam money trail
Is an Apple Tablet on the Way? Orange Exec Says ‘Oui’
Younicate 0.8 Beta
Trojan kidnaps files for ransom
SyncView 2.1.1
Adium 1.3.10
DRM-free iTunes set this week?
Attack code released for IE hole
Silverlight 1.0: Following a Flash Playbook?
Ditto for U3 3.14
Xming X Server for Windows 6.9.0.11
Pidgin Portable 2.7.4
Amaya 11.3.1
Net-It Now 3.4.0.1
Push Gmail Finally Comes To The iPhone, No Thanks To Apple
TweakVista 1.1
WildBit Viewer 5.8 Final
Microsoft’s Zune makes strides to catch Apple’s iPod
UseShots Editor 0.6.1.63 Beta
Microsoft intros Photosynth 3-D image modelling
iTunes Alarm 1.1
AllPeers 0.75.1 Beta