[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Make requests through Google servers

To: R00T_ATI <r00t_ati@xxxxxxxxxx>
Subject: Re: [Full-disclosure] Make requests through Google servers
From: adam <adam@xxxxxxxxx>
Date: Sun, 28 Aug 2011 18:30:48 -0500

Interesting. I'm especially curious if it could be used to scrape Google
services (e.g. search results) without being picked up by filters (due to it
being a Google operated IP address).

I also wonder how far recursively it'd go - would it be possible to use one
of those URLs to attack itself?

On Sun, Aug 28, 2011 at 6:16 PM, R00T_ATI <r00t_ati@xxxxxxxxxx> wrote:

>  ABSTRACT:
> The vulnerable pages are *“/_/sharebox/linkpreview/“* and *“gadgets/proxy?
> “*
> Is possible to request any file type, and G+ will download and show all the
> content. So, if you parallelize so many requests, is possible to *DDoS*any 
> site with
> *Google bandwidth*. Is also possible to start the *attack* without be
> logged in G+.
>
> Article link:
> http://www.ihteam.net/advisory/make-requests-through-google-servers-ddos/
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] Make requests through Google servers
  - From: R00T_ATI

Prev by Date: [Full-disclosure] Make requests through Google servers
Next by Date: [Full-disclosure] [MOHSEP] Month Of Humorous Stefan Esser Photoshops - SUPER WEEKEND BUMPER EDITION!!!
Previous by thread: [Full-disclosure] Make requests through Google servers
Next by thread: Re: [Full-disclosure] Make requests through Google servers
Index(es):
- Date
- Thread