Wednesday, May 18, 2011

HOW TO GAIN ADMINISTRATIVE PRIVILEGES ON ANY BLOGGER - POC

Gaining Administrative Privileges on any Blogger.com Account 1337$ (Google Reward Program)

That Vulnerability could be used by an attacker to get administrator privilege over any blogger
account (Permission Issue)

HTTP Parameter Pollution vulnerability on Blogger that allow an attacker to add himself as an
administrator on the victim's blogger account. POC is great for security engg and administrators
which can be corelated to infra web servers.


The vulnerability mentioned above has been confirmed patched by the Google Security Team very fast

Click to read about full POC and technical details. (Thanks to Nir)

0 comments: