Google History hijack Bug Founded By 13lackD3M0n Eka ME
some days before when we are working on our blog securityisfake.blogspot.com we found this bug in google which allow an attacker to get all search history And Session Info. of victim.
In this Bug an gmail acc. work as backdoor
smile emoticon
____________________________
How To Exploit :-
- A New created gmail account. Example backdoor@gmail.com
now you need access to victim. and login in his / her pc with your created account. and come back home.
- wait for some days or hours and now login in same gmail account which you used in victim computer. now open google and go to search history&sessions and you get all history and session information which victim browse.
ADVANTAGE :-
- Get session information & history without using spy programs or RAT remote access trojans
- Also get mozzila or other browsers history and sessions by google sync.
- doesn't raise any alarm and also no addon's or extensions detect it.
- Also No AV' Detection
tongue emoticon
ofc because its google
- Get Cookies of victim.
- And Many More.
Gr33ts : 13ackD3mon Me
2 Responses
This is not a Bug. A trick
Likewise, this does not hijack anything, nor did you find a "bug." This is more social engineering. It's a useful idea if you have remote access, but otherwise this is a fun technique.
Share Your Thoughts