This is my GMail Contact information Disclosure Proof Of ConceptExploit, allowing you to read the Email addresses of all contacts of thecurrently logged in Google user.
http://mybeni.rootzilla.de/mybeNi/2007/gmail_information_disclosure/
(It also Allows you to check if someone is currently logged into GoogleServices + Serves you the Authentication Token)
have fun and cheers, benjamin--benjamin "beNi" fleschmybeNi.tk websecurity -
http://mybeNi.rootzilla.de/mybeNi/
-----------------------------------------------
This was posted to FD several days ago and people have been talking about it, RSnake and others.
If I remember correctly, this isn't the first time that a contact gathering exploit has been released.
This is my 1000th post. Thanks for all the readers out there.
No comments:
Post a Comment