Posts

Showing posts from November, 2014

How I was able to send a mail with Your Email Id?

Image
How I was able to send a mail with Your Email Id? Is it possible? Yes. It is. If you are using Gmail, until yesterday, I can send email with your email id. Do u want to know how? Read my story then.... Hi Friends, This is Mohan Kallepalli, again with another bug in gmail ... Thanks to facebook, another day started with frustration. I will tell u that story another time. Anyway, with the frustration on facebook, i turned my focus to my favorite Google one more time. While I was going through the Gmail settings, thanks to my low speed internet, my browser suggested me to use "Basic HTML". Once i opened my settings in Basic HTML, i went to Accounts section and there i saw the functionality for adding another users email id to your " send email as " list. This functionality is protected by a verification code authentication mechanism. which means, Gmail will send a verification code (9digits) to the target email id and you need to enter that code in your v

Youtube URL Redirection..

Image
Hi Guys, Another bug in Google.. This time is with youtube.com Hmm.. Found a bug in Youtube.. but unfortunately, this bug is out of scope.. Anyway, a bug is a bug.. Lets see.. The issue is an URL redirection vulnerability that existing in upload.youtube.com. When you upload a video which is not proper (invalid), the application redirects you to error URL. This URL is being sent to the server as a parameter, error_redirect . I tried changing the url to some random domain, and guess what, it redirected as i have uploaded an invalid video. Then, in the request i observed there are two user specific tokens going to the server. They are nothing but anti-csrf tokens and working properly with a valid video. But in the case of an invalid video, they are no longer validated and are being ignored. So i tried to send the request with invalid file, but this time i removed the user specific tokens user_token and session_token . And as i expected, the application issued an 302 redirection