Fool your friends claim you hacked the Search Engine Gaint

You are here: Home » Hacking » Fool your friends claim you hacked the Search Engine Gaint

Fool your friends claim you hacked the Search Engine Gaint

Written on May 13th, 2009 at 6:06 am by Shunmugha

Here is a simple tricks to claim you hacked google .It will work only with Internet Explorer 6.

What it does ?

It pops up alert message 3 seconds after you visit google site via hyperlink provided by the coder.It also sets the window status of the goolge window that opens.Which is usually not allowed pages residing in a domain can control only the pages that reside in the same domain but via the exploit below its possible to overcome it.

-It is a serious Cross Site Exploit done via ZERO DAY flaw in IE6.It provides the ability to run a script loaded in one domain over another domain.Thus can very much steal cookies written by another site which is a serious flaw!

Trick:

Save this code as html file and see to that href location is same as the path of that file where you upload it.Here it is “http://whereismycabin.googlepages.com/string1.htm#”

Code:

< !DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">




www.google.com

To see it in action visit :

IE Zero Day Exploit

Also check out:Why its recommended not to use IE?

For technical details visit:

Phantom Team

22 Responses to “Fool your friends claim you hacked the Search Engine Gaint”

Vaibhav Kanwal

3 years ago

I tried it out and I think its pretty silly.
Its just a popup and after clicking ok, it works normally.

admin

3 years ago

@Vaibhav
I agree it just a simple pop up but what be should seen is the depth of the flaw..cookies can be read..Just think of this you have opened your orkut account in another tab you click on this malicious link very well your orkut account cookie can be read and exploited.(though orkut has fixed that bug) just letting you know it..

Check the Technical Details:
http://translate.google.com/translate?hl=en&u=http://www.ph4nt0m.org-a.googlepages.com/PSTZine_0x02_0x04.txt

you can understand de depth of the flaw

:victory:

Vaibhav Kanwal

3 years ago

Yeah, I agree with you here.
Its a security flaw not for Google but IE. Infact IE fails the ACID test. Worst browser ever.

The only problem is people are oblivious to the flaws of IE6 and continue to use it just because it serves their purpose and it came preinstalled with their copy of windows.

I have friends you refuse to switch to Firefox saying they didn’t feel comfortable using it. I dont know what comfortable means to them. Firefox is the best browser on earth. IE should die…

Vaibhav Kanwal’s last blog post..Google Webmasters gets a new look

admin

3 years ago

@vaibhav

We are in the same boat:0)I too always wonder why so many of them still sticking on to IE when secure browser like firefox is there..

TechZoomIn

3 years ago

Good one dude…Simple but yet surprising to others. Good stuff you shared..

TechZoomIn’s last blog post..Plugin To: Make your Images Auto HighSlide

admin

3 years ago

Thanks welcome to my blog :big_smile:

Tech @ InkAPoint

3 years ago

It’s interesting one.

Tech @ InkAPoint’s last blog post..75 Top Rated Unused Domain Names

prateek

3 years ago

really informative..keepup..
http://www.thetechnoclub.com :anger:

Ricky

3 years ago

Thanx for the share.This pop up screen will definately fool our friends if he is not a techie.But now a days people dont use IE6.

admin

3 years ago

@Prateek

Thanks dude…

@Ricky

Thanks and welcome to my blog happy to see you over here:)I would also like to point out tat i have seen still many institutions and school’s are sticking with IE only..

Salwa

2 years ago

lol, nice one! thanks for the share.

Salwa’s last blog post..Traffic Monday: How twitter can help you drive targeted traffic to your website

admin

2 years ago

Thanks…Happy to see you over here.. :victory:

Reply

thegands

2 years ago

thats why i don’t like damn f*ing IE.

admin

2 years ago

Thats de right thing to do:)

Reply

Preetam

2 years ago

Nevertheless, it’s nice, and I didn’t know about it earlier. :victory:

Preetam’s last blog post..Five Alien Places On Earth

admin

2 years ago

Welcome dude:)

Team Nirvana

2 years ago

Thats a very interesting way to jot down. This post is quite informative with all the gritty details described in and out.

Thanks for taking time and posting.

admin

2 years ago

Thanks friends..And happy to see you here:)

Reply

yreadthisy

2 years ago

cool nice post let me see how this works.

Vaibhav Kanwal

3 years ago

I tried it out and I think its pretty silly.
Its just a popup and after clicking ok, it works normally.

admin

3 years ago

@Vaibhav
I agree it just a simple pop up but what be should seen is the depth of the flaw..cookies can be read..Just think of this you have opened your orkut account in another tab you click on this malicious link very well your orkut account cookie can be read and exploited.(though orkut has fixed that bug) just letting you know it..

Check the Technical Details:
http://translate.google.com/translate?hl=en&u=http://www.ph4nt0m.org-a.googlepages.com/PSTZine_0x02_0x04.txt

you can understand de depth of the flaw

:victory:

Vaibhav Kanwal

3 years ago

Yeah, I agree with you here.
Its a security flaw not for Google but IE. Infact IE fails the ACID test. Worst browser ever.

The only problem is people are oblivious to the flaws of IE6 and continue to use it just because it serves their purpose and it came preinstalled with their copy of windows.

I have friends you refuse to switch to Firefox saying they didn’t feel comfortable using it. I dont know what comfortable means to them. Firefox is the best browser on earth. IE should die…

Vaibhav Kanwal’s last blog post..Google Webmasters gets a new look

admin

3 years ago

@vaibhav

We are in the same boat:0)I too always wonder why so many of them still sticking on to IE when secure browser like firefox is there..

TechZoomIn

3 years ago

Good one dude…Simple but yet surprising to others. Good stuff you shared..

TechZoomIn’s last blog post..Plugin To: Make your Images Auto HighSlide

admin

3 years ago

Thanks welcome to my blog :big_smile:

Tech @ InkAPoint

3 years ago

It’s interesting one.

Tech @ InkAPoint’s last blog post..75 Top Rated Unused Domain Names

prateek

3 years ago

really informative..keepup..
http://www.thetechnoclub.com :anger:

Ricky

3 years ago

Thanx for the share.This pop up screen will definately fool our friends if he is not a techie.But now a days people dont use IE6.

admin

3 years ago

@Prateek

Thanks dude…

@Ricky

Thanks and welcome to my blog happy to see you over here:)I would also like to point out tat i have seen still many institutions and school’s are sticking with IE only..

Salwa

2 years ago

lol, nice one! thanks for the share.

Salwa’s last blog post..Traffic Monday: How twitter can help you drive targeted traffic to your website

thegands

2 years ago

thats why i don’t like damn f*ing IE.

Preetam

2 years ago

Nevertheless, it’s nice, and I didn’t know about it earlier. :victory:

Preetam’s last blog post..Five Alien Places On Earth

admin

2 years ago

Welcome dude:)

Team Nirvana

2 years ago

Thats a very interesting way to jot down. This post is quite informative with all the gritty details described in and out.

Thanks for taking time and posting.

yreadthisy

2 years ago

cool nice post let me see how this works.

3 Trackbacks For This Post

Ultimate Mobile Prank-Make Your Friends Get Call From Their Own Mobile Number! | Technobuz Says:
May 30th, 2009 at 4:29 am
[...] Fool your friends claim you hacked Google [...]
Play Pranks on Friends- Crash their Web Browser | Technobuz Says:
August 5th, 2009 at 3:24 am
[...] Fool your friends claim you hacked Google [...]
Speed up Internet Explorer 6 | Technobuz Says:
September 4th, 2009 at 6:08 am
[...] Cross Site Scripting Flaw in IE6 [...]

Previous Post: Which is the best source to find your Google PageRank the moment it is updated

Next Post: How to Update/Refresh JTextArea Dynamically ?

Technobuz