Skip to main content

Using Google servers as a DDoS tool

posted onAugust 30, 2011
by l33tdawg

Google's servers can be used by cyber attackers to launch DDoS attacks, claims Simone "R00T_ATI" Quatrini, a penetration tester for Italian security consulting firm AIR Sicurezza.

Quatrini discovered that two vulnerable pages - /_/sharebox/linkpreview/ and gadgets/proxy? - can be used to request any file type, which Google+ will download and show - even if the attacker isn't logged into Google+.

By making many such request simultaneously - which he managed to do by using a shell script he's written - he practically used Google's bandwidth to orchestrate a small DDoS attack against a server he owns.

Source

Tags

Google Security

You May Also Like

Recent News

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th