Overview:
Image triggering the xss on the
Vulnerable location #1 (Campaign):
Google Adwords Google's Online Advertising service, boost website traffic and sales, was vulnerable to a persistent XSS in the main page Dashboard!
What Had to be done?
Well, here I discovered that the Dashboard page stored the Campaigns and the Ad groups as 'widgets' so I went for it and found it was vulnerable. this attack target could be anyone in the adwords service either 'read only','standard' or 'Administrator' access of course, a member who can edit/add Campaigns can take control over the administrator's account and perform actions with administrator permissions as for example attacker could cause the administrator give the attacker admin access with a malicious javascript payload , without the need of any user interaction from the administrator this attack will trigger as soon as the admin or the other victim, enters the adwords service. this way I could perform session hijacking or take control over the account.Image triggering the xss on the
Vulnerable location #1 (Campaign):
Vulnerable location #2 (Ad Group):
This issue has been fixed by Google security team.
I appreciate the opportunity to preserve my skills and gain some more experience
Thank you Google security team.
Thank you Google security team.
No comments:
Post a Comment