+ Reply to Thread
Results 1 to 3 of 3
Like Tree4Likes
  • 4 Post By [s]

Thread: Google Wallet CSRF Share/Save - My123World.Com!

  1. 06-13-2012, 10:40 PM #1
    [s]
    [s] is offline
    Security Researcher [s] will become famous soon enough [s]'s Avatar
    Join Date
    Nov 2010
    Posts
    187
    Blog Entries
    2
    Thanks
    63
    Thanked 53 Times in 30 Posts

    Google Wallet CSRF



    #Title:Google Wallet CSRF
    #Author: Sandeep Kamble
    #Business Risk : High Risk
    #Attack Type: CSRF
    #Tested Browser: Firefox 3.6
    #OS: Win 7 / Linux
    #Reported Date: Mon, Apr 2, 2012
    #Fix date : Apr 11, 2012

    Summery

    I recently reported CSRF vulnerability to Google. Vulnerable domain is wallet.google.com , Normally it forces an end user to execute unwanted actions on a web application in which he/she is currently authenticated.

    Vulnerable URL:

    Code:
    https://wallet.google.com/buyerSignup?continue=https://wallet.google.com/manage/bootstrap.html?u%3Dhttps%253A%252F%252Fwallet.google.com%252Fmanage%26pli%3D1&hsk=1&pli=1&s7e=creditcard.cardNumber:n;creditcard.cvv:n&coc=IN
    It was missing XSRF protection Token.

    Code:
    Id
Email
Passwd
PasswdAgain
address.phone
address_cmenu
address_ecmenu
address_name
address_state
address_state_menu
address_street1
address_street2
address_town
address_town_menu
address_zip
creditcard.CreditCardCvvTextField
creditcard.CreditCardNumberTextField
creditcard.cardBrand
creditcard.ccExpMonth
creditcard.ccExpYear
creditcard.ccIssueId
creditcard.ccStartMonth
creditcard.ccStartYear
creditcard.lastDigits
creditcard.phone
creditcard.type
creditcard_cmenu
creditcard_ecmenu
creditcard_name
creditcard_state
creditcard_state_menu
creditcard_street1
creditcard_street2
creditcard_town
creditcard_town_menu
creditcard_zip
i18nToSUrl
keyfields
keylog
shippingRadioA
shippingRadioB
submitbutton
submitbutton
    POC I will upload after some time Thanks Google For listing me In Google Hall of fame and for quick Fix

    Thanks
    [S]
    Last edited by [s]; 06-13-2012 at 10:45 PM.

    To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
    Reply With Quote Reply With Quote
  2. 06-19-2012, 04:17 PM #2
    H@CK3R_ADI
    H@CK3R_ADI is offline
    Garage Member H@CK3R_ADI is on a distinguished road
    Join Date
    Jun 2012
    Location
    Unkn0wn City,Unkn0wn State,Unkn0wn Country,Unkn0wn Continent,PLanet Eart,Milkyway Galaxy,Virgo Super
    Posts
    51
    Thanks
    8
    Thanked 3 Times in 3 Posts
    I thin this vuln is also in Gmail.
    Reply With Quote Reply With Quote
  3. 06-19-2012, 08:12 PM #3
    Anant Shrivastava
    Anant Shrivastava is offline
    Security Researcher Anant Shrivastava has a spectacular aura aboutAnant Shrivastava has a spectacular aura about
    Join Date
    May 2011
    Location
    Pune, Maharashtra, India
    Posts
    229
    Blog Entries
    1
    Thanks
    76
    Thanked 93 Times in 52 Posts
    Quote Originally Posted by H@CK3R_ADI View Post
    I thin this vuln is also in Gmail.
    any specific reason why you think it exist in gmail.
    Website :
    To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.

    Blog :
    To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

LinkBacks (?)

  1. Sandeep Kamble (SandeepL337) on Twitter
    Refback This thread
    07-29-2012, 06:50 AM
  2. Garage4Hackers July Magazine | Scoop.it
    Refback This thread
    07-06-2012, 11:25 AM
  3. Google Wallet CSRF
    Refback This thread
    06-14-2012, 08:52 AM
  4. Google Wallet CSRF
    Refback This thread
    06-13-2012, 10:43 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts

Forum Rules