[Full-disclosure] Orkut URL Redirection Vulnerability
Hi All,I have found url redirection vulnerability on www.orkut.com.If a user clicks on a malicious link he/she will redirect to an attackers website. The attacker can capture the valid username,password and then redirect a user to original orkut website. Proof Of Concept:Original Link:https://www.orkut.com/GLogin.aspx?done=http%3A%2F%2Fwww.orkut.com%2FMaliciously Crafted Link: https://www.orkut.com/GLogin.aspx?done=http%3A%2F%2Fattackers_website.com--Kishor Sonawane [EMAIL PROTECTED] ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Orkut URL Redirection Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Did you notify orkut? keyshor wrote: Hi All, I have found url redirection vulnerability on www.orkut.com http://www.orkut.com. If a user clicks on a malicious link he/she will redirect to an attackers website. The attacker can capture the valid username,password and then redirect a user to original orkut website. Proof Of Concept: Original Link: https://www.orkut.com/GLogin.aspx?done=http%3A%2F%2Fwww.orkut.com%2F Maliciously Crafted Link: https://www.orkut.com/GLogin.aspx?done=http%3A%2F%2Fattackers_website.com -- Kishor Sonawane [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] -- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ - -- Regards, Adriel T. Desautels SNOsoft Research Team Office: 617-924-4510 || Mobile : 857-636-8882 -- Vulnerability Research and Exploit Development -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.3 (Darwin) iD8DBQFFACCQf3Elv1PhzXgRAjlbAJ9Joc/B5a0n8rYqsGp8uIjpYFDiqgCfaDYS L4ojR/ypgyLSdcmhtXQQ6KU= =tqUD -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Orkut URL Redirection Vulnerability
I have found url redirection vulnerability on www.orkut.com. Man, I don't want to disappoint you but this redirection vulnerability is pretty old and has been being used in Brazil for sometime. This vulnerability was noticed in the begining of the year, maybe, when orkut had changed its authentication scheme. I'm sure orkut was already notified by other people but they hadn't patched it yet and the phishing keeps going on :) Sorry about any gramatical errors. Regards, Julio Cesar Fort Recife, PE, Brazil www.rfdslabs.com.br - computers, sex, human mind, music and more. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Orkut URL Redirection Vulnerability
Well, so now TWO countries care about orkut stuff, Brazil and Finland ;) I think its creator, Orkut Büyükkökten, had a hell of a childhood, with such name. On Thu, 7 Sep 2006 20:53:53 +0300 Olli Haukkovaara [EMAIL PROTECTED] wrote: Sorry guys, but this particular URL, www.orkut.com , makes us Finns smile... Orkut means in our language orgasms. I just had to share this with you, please forgive me, it's almost friday night ;-) Regards, Olli On 9/7/06, Julio Cesar Fort [EMAIL PROTECTED] wrote: I have found url redirection vulnerability on www.orkut.com. Man, I don't want to disappoint you but this redirection vulnerability is pretty old and has been being used in Brazil for sometime. This vulnerability was noticed in the begining of the year, maybe, when orkut had changed its authentication scheme. I'm sure orkut was already notified by other people but they hadn't patched it yet and the phishing keeps going on :) Sorry about any gramatical errors. Regards, Julio Cesar Fort Recife, PE, Brazil www.rfdslabs.com.br - computers, sex, human mind, music and more. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -- terveisin, Olli - Carlos Cardoso - Blogueiro Inconformado^ http://www.carloscardoso.com == sacanagem http://www.contraditorium.com == ProBlogging e cultura digital ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Orkut URL Redirection Vulnerability
Sorry guys, but this particular URL, www.orkut.com , makes usFinns smile... Orkut means in our language orgasms.I just had to share this with you, please forgive me, it's almost friday night ;-)Regards, OlliOn 9/7/06, Julio Cesar Fort [EMAIL PROTECTED] wrote: I have found url redirection vulnerability on www.orkut.com .Man, I don't want to disappoint you but this redirection vulnerabilityis pretty old and has been being used in Brazil for sometime.This vulnerability was noticed in the begining of the year, maybe, when orkut had changed its authentication scheme. I'm sure orkut was alreadynotified by other people but they hadn't patched it yet and the phishingkeeps going on :)Sorry about any gramatical errors. Regards,Julio Cesar FortRecife, PE, Brazilwww.rfdslabs.com.br - computers, sex, human mind, music and more.___Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.htmlHosted and sponsored by Secunia - http://secunia.com/ -- terveisin, Olli ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Orkut URL Redirection Vulnerability
add another country ..:)- In Turkish, Orkut means the holy meeting place. and yes, Googles Orkut was built by a Turkish Google engineer – Orkut Buyukkokten On 9/7/06, cardoso [EMAIL PROTECTED] wrote: Well, so now TWO countries care about orkut stuff, Brazil and Finland ;)I think its creator, Orkut Büyükkökten, had a hell of a childhood, with such name.On Thu, 7 Sep 2006 20:53:53 +0300Olli Haukkovaara [EMAIL PROTECTED] wrote: Sorry guys, but this particular URL, www.orkut.com , makes us Finns smile... Orkut means in our language orgasms. I just had to share this with you, please forgive me, it's almost friday night ;-) Regards, Olli On 9/7/06, Julio Cesar Fort [EMAIL PROTECTED] wrote:I have found url redirection vulnerability on www.orkut.com. Man, I don't want to disappoint you but this redirection vulnerability is pretty old and has been being used in Brazil for sometime. This vulnerability was noticed in the begining of the year, maybe, when orkut had changed its authentication scheme. I'm sure orkut was already notified by other people but they hadn't patched it yet and the phishing keeps going on :) Sorry about any gramatical errors. Regards, Julio Cesar Fort Recife, PE, Brazil www.rfdslabs.com.br - computers, sex, human mind, music and more. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -- terveisin, Olli- Carlos Cardoso - Blogueiro Inconformado^http://www.carloscardoso.com == sacanagemhttp://www.contraditorium.com == ProBlogging e cultura digital ___Full-Disclosure - We believe in it.Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/-- http://peterdawson.typepad.com PeterDawson Home of ThoughtFlickr's This message is printed on Recycled Electrons. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/