Wednesday, July 23, 2008

Blogger XSS

So I came across this in March 2008 while posting my blog on XSS. I included example code and, to my surprise, it executed. I emailed Blogspot about this issue but no one really seemed to care. But just so everyone knows, anyone can put malicious code into their Blogspot blog. They designed it to be this way so that people will not be restricted in their blogging creativity. Well, that's just great, thanks Google for giving me the creative ability to pwn someone using one of the world's most used blog sites. Take a look at Google's solution to this issue.

http://help.blogger.com/bin/answer.py?answer=67427&topic=12469

They recommend that people report blogs that abuse this. Well, how many people using Blogger know what XSS is, and what about more subtle XSS attacks like cookie theft, etc.? I think it is ridiculous that Google is leaving everyone open to this attack. A study posted on stopbadware.com lists google.com as the number 5 most infected domain in the world with 4261 infected sites. How many of those are Blogger blogs? Does Google really disable infected blogs? I doubt it.

http://www.stopbadware.org/home/badwebs

Here is another article about the issue by Network World.

http://www.networkworld.com/news/2008/013108-attacker-google-blog.html

Google is notorious for ignoring security, and this is just another example.

Friday, July 18, 2008

VMware Update

VMware has told me that they will be releasing the patch for my previously reported ESX server vulnerability in Q3. I will write about the issue in full detail at that time. In the meantime I have been spending some of my time looking at the web management interface of VMware Server. I have identified one XSS and one session management issue so far. It seems to me that VMware has a relatively lenient stance when it comes to certain areas of its security. An attacker just needs to know where to look. I can't wait to be able to test on my ESX box when I get back to Utah.