vincian
-
Posts
6 -
Joined
-
Last visited
Everything posted by vincian
-
digininja: i posted it here and blogged it only after disclosing to them. they made changes right away ( limiting no. of requests in a timeframe) and that's all. :( Cooper: I can certainly generate more emails than "37,000 Gmail addresses in about two hours" (http://www.wired.com/2014/06/gmail-bug-could-have-exposed-every-users-address/). I'll just have to use tor and hop to different exit nodes according to time-frame of gmail's replies.
-
haha.. spam them :P, Auto-Spam the valid emails.
-
Hey.. I never said it is a BIG security issue. Its just something which i think is interesting, validating 200 emails in one request.
-
Almost 200 views and no reply .. WTH!
-
I would like to share this one recent bug i found in gmail. It allows sending a list of about 200 email addresses and validates them if they exist in the google DB or not. This validator script is used by gmail while registering new users (ajax request is sent which shows whether entered email is available or not while user is filling up fields). Its simple XSS. Anyone can send a request containing multiple usernames and gmail replies with answer for every single of them whether it exists or not. Here is my oroginal post and description: http://vincian.blogspot.in/ http://vincian.tx0.org/links/gmail_email_validation.html Just thought of sharing it with hak5 :-)
-
in a windows system,you can take as many IPs for your system as you wish.... so if you take all IPs in a subnet before anyone else has connected to the network,what you think will be the impact on others(perhaps they will face a DoS) and at your own system...????