Gmail exploit may allow attackers to forward e-mail

A Gmail security vulnerability may allow an attacker to set up filters on users' e-mail accounts without their knowledge, according to a proof of concept posted Sunday at the blog Geek Condition.

In a post, Geek Condition's "Brandon" writes that the vulnerability has caused some people to lose their domain names registered through GoDaddy.com.

Without posting the full exploit, Brandon explains that it relies on obtaining the variables that represent the username and "at":

When you create a filter in your Gmail account, a request is sent to Google's servers to be processed. The request is made in the form of a URL with many variables.

For security reasons, your browser doesn't display all the variables contained within the URL. Using Firefox and a plug-in called Live HTTP Headers, you can see exactly what variables are sent from your browser to Google's servers.

After that, an attacker just needs to identify the variable that is the equivalent of the username.

"Obtaining this variable is tricky but possible," he writes. "I'm not going to tell you how to do it; if you search hard enough online, you'll find out how."

The "at" variable can be obtained by visiting a malicious Web site, writes Brandon, who suggests that Google make the "at" variable expire after every request rather than after every session.
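The difference between a token that lasts for the session and one that expires after every request can be seen in a small server-side sketch. This is an added example, not code from Geek Condition, CNET or Google; the `FilterService` class, its methods, the session id and the addresses are all hypothetical and constructed for illustration.

```python
import hashlib
import hmac
import secrets


class FilterService:
    """Toy mail-filter endpoint guarded by an anti-CSRF token (hypothetical)."""

    def __init__(self, single_use):
        self.single_use = single_use          # True: token expires after every request
        self._key = secrets.token_bytes(32)   # server-side secret for the MAC
        self._nonce = {}                      # session id -> nonce of the live token
        self.filters = {}                     # session id -> forwarding addresses

    def _token(self, session_id, nonce):
        msg = f"{session_id}:{nonce}".encode()
        return nonce + "." + hmac.new(self._key, msg, hashlib.sha256).hexdigest()

    def issue_token(self, session_id):
        """Mint a fresh token bound to this session; it replaces any earlier one."""
        self._nonce[session_id] = secrets.token_hex(16)
        return self._token(session_id, self._nonce[session_id])

    def create_filter(self, session_id, token, forward_to):
        """Apply the state change only if the request carries the live token."""
        nonce = self._nonce.get(session_id)
        if nonce is None:
            return False
        expected = self._token(session_id, nonce)
        if not hmac.compare_digest(expected.encode(), str(token).encode()):
            return False
        if self.single_use:
            del self._nonce[session_id]       # burn the token: a replay now fails
        self.filters.setdefault(session_id, []).append(forward_to)
        return True


def replay_accepted(single_use):
    """Constructed scenario: the token from one genuine request is seen again later."""
    svc = FilterService(single_use)
    token = svc.issue_token("session-1")
    assert svc.create_filter("session-1", token, "me@example.org")
    # A second request reusing the same token stands in for a forged request.
    return svc.create_filter("session-1", token, "other@example.net")
```

With a session-scoped token the second request is accepted; with a single-use token it is rejected, which narrows the window in which a captured token is useful.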

To avoid being a victim of the vulnerability, users should check their filters often, Brandon suggests. Firefox users can download an extension called NoScript that helps prevent these attacks, he said.

Of course, any Web site that uses cookies to authenticate requests can be taken advantage of in the same way. To avoid becoming a victim of this type of exploit, Gmail users should log out of their accounts when they are not in use, and--of course--not visit Web sites they don't trust.

A Google representative said the company was trying to contact Brandon for specifics on his proof of concept.

"We're trying to reach the blogger making this claim for more details, but we haven't seen evidence that this would be specific to Gmail," the representative said. "We use standard industry methods for protecting cookies, similar to most Web services using HTTP. In fact, we offer additional protection by offering the option of a secure connection (HTTPS) throughout the session for free."

Source: CNET

Tags: e-mail, Gmail
