
Expired Domains - Google Apps Security Hole

English developer Ben Reyes described in his blog how he registered a just-expired domain and, as a bonus, got someone else's Gmail mailbox, calendar and contacts. Having taken over the stranger's mailbox, Ben was able to log into that person's accounts on third-party services such as Amazon.

This was possible through Google Apps. Ben wanted to link the domain to his own Google Apps account right after acquiring it, but found that the domain was already linked to someone else's account.



Ben asked his acquaintances on Twitter for help and was answered by a Google employee, who explained that the help section describes a procedure for restoring the binding between a domain and an account. He changed the corresponding settings and got admin access to the site. Interestingly, Google offered a choice of two admin accounts belonging to two different strangers. Ben picked one of them at random and set a new password. The next thing he saw was a mailbox with several years of archived mail containing a bunch of passwords and other valuable information.
A few minutes later, Ben was logged into the Amazon site under someone else's name. He did nothing further, but says he could also have gotten into the Dropbox, Facebook and PayPal accounts. Everyone knows what opportunities are open to someone with access to another person's mailbox (read the chronicle of the HBGary hack by the Anonymous group).

So far the hole in Google Apps has not been closed, and some unscrupulous citizens have already written a Python script to search for newly released domains that are still linked to Google Apps.
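The root cause of the story is a domain that lapsed while still bound to a Google Apps account. The defender-side check below, added here as an example rather than code from the article, audits the registration expiry of every domain bound to a tenant from RDAP data so it can be renewed or unbound before it lapses; the RDAP record, the domain name and the rdap.org lookup URL are constructed assumptions.

```python
import json
from datetime import datetime, timedelta, timezone
from urllib.request import urlopen

# Constructed RDAP-style record (not real registry data) for a domain that is
# bound to a Google Apps tenant and whose registration is about to lapse.
SAMPLE_RDAP = json.dumps({
    "ldhName": "example-tenant.test",
    "events": [
        {"eventAction": "registration", "eventDate": "2008-03-01T00:00:00Z"},
        {"eventAction": "expiration", "eventDate": "2011-05-20T00:00:00Z"},
    ],
})

def parse_ts(iso: str) -> datetime:
    """Parse an RDAP/ISO-8601 timestamp ('...Z' or with an offset) to aware UTC."""
    return datetime.fromisoformat(iso.replace("Z", "+00:00")).astimezone(timezone.utc)

def expiry_from_rdap(rdap_json: str):
    """Return the domain's registration expiry from the RDAP 'events' list, or None."""
    for ev in json.loads(rdap_json).get("events", []):
        if ev.get("eventAction") == "expiration":
            return parse_ts(ev["eventDate"])
    return None

def classify(expiry, now: datetime, warn_days: int) -> str:
    """EXPIRED: already lapsed, so anyone who re-registers the domain can reclaim
    the Google Apps binding; RENEW_SOON: renew or unbind before it lapses."""
    if expiry is None:
        return "UNKNOWN"
    if expiry <= now:
        return "EXPIRED"
    if expiry - now <= timedelta(days=warn_days):
        return "RENEW_SOON"
    return "OK"

def audit(domain_records: dict, now_iso: str, warn_days: int = 30) -> dict:
    """Map each domain bound to the tenant (domain -> RDAP JSON) to its status."""
    now = parse_ts(now_iso)
    return {d: classify(expiry_from_rdap(j), now, warn_days) for d, j in domain_records.items()}

def fetch_rdap(domain: str) -> str:
    # Assumption: the rdap.org bootstrap redirector; not used by the offline demo.
    with urlopen(f"https://rdap.org/domain/{domain}") as resp:
        return resp.read().decode()

if __name__ == "__main__":
    print(audit({"example-tenant.test": SAMPLE_RDAP}, "2011-05-10T00:00:00Z"))
```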

Source: https://habr.com/ru/post/119672/
