Google Service Infinite Refresh Loop (Self Inflicted DDOS)

Sorry for the bad quality video. :-)

See it here.

This bug is demoed today (6th May 2010) to the Singapore Security Meetup Group.

This is an old bug which is not fixed because Google probably do not know about it…

HOW IT WORKS (the gist of it):
1) Go to http://ABCXYZ.google.com [Yes, it is a legitimate Google URL]
2) Google redirects you to their SSO System aka Gaia for authentication.
3) Login using your Google Account.
4) Gaia then redirects you to http://ABCXYZ.google.com (which is obviously wrong in the first place).
5) which then redirects you back to Gaia. But you have already autenticated! Go back you fool !
6) Repeat 4) Ad Infinitum.

How you (or any Google account user) can be exploited to DDOS Google?

Hackers can spam you with the interesting Google URL (which you need to click) or better still I can embed it in a javascript or IFRAME and you (or any Google account user) will DDOS Google SSO System without knowing (since you may have already logged into Google!).

Read more about Gaia (http://www.nytimes.com/2010/04/20/technology/20google.html)

8th Nov : Correction. Google has closed this flaw already.

Advertisement

This entry was posted on Saturday, May 8th, 2010 at 3:09 pm and is filed under GMail, Google. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Cancel

Connecting to %s

Follow

Get every new post delivered to your Inbox.