Google History and Session Hijack Bug.

Google History hijack Bug Founded By 13lackD3M0n Eka ME

some days before when we are working on our blog securityisfake.blogspot.com we found this bug in google which allow an attacker to get all search history And Session Info. of victim.

In this Bug an gmail acc. work as backdoor

smile emoticon

____________________________

How To Exploit :-

1. A New created gmail account. Example backdoor@gmail.com

now you need access to victim. and login in his / her pc with your created account. and come back home.

2. wait for some days or hours and now login in same gmail account which you used in victim computer. now open google and go to search history&sessions and you get all history and session information which victim browse.

ADVANTAGE :-

1. Get session information & history without using spy programs or RAT remote access trojans

2. Also get mozzila or other browsers history and sessions by google sync.

3. doesn't raise any alarm and also no addon's or extensions detect it.

4. Also No AV' Detection

tongue emoticon

ofc because its google

5. Get Cookies of victim.

6. And Many More.

Gr33ts : 13ackD3mon Me