Blogger.com and the mixed scripting vulnerability

Blogger.com suffers from a mixed scripting/content vulnerability, this domain references multiple scripts and other content types from a non-https enabled channel.

Here's the report:

# Exploit Title: Multiple Mixed Scripting/Content Vulnerabilities in Blogger.com
# Google Dork:site:blogger.com
# Date: 09/1/12
# Exploit Author: k3170makan
# Vendor Homepage: https://www.blogger. com
# Software Link: https://www.blogger.com
# Version: current
# Tested on: Ubuntu 10.04
# site: ...

Blogger.com references multiple resources over a non-https enabled channel while being served over https. These resources are also being referenced from the blogger.com domain, which further increases the risk incurred.
Explanation:

After logging into blogger.com users are presented with the option to view controls,statistics and other awesome tools to manage their blogs. Some of these tools make references to content and scripts not served over https enabled channels with the blogger.com domain.

The template tab makes multiple requests to resources that are not served over an https channel including:


Some of these depend on whether the user has enabled functions like post reactions of course but this should not sway your risk assessment much.

And some screen shots:



html served over a non-https enabled channel
JavaScript being requested over a non-https channel

JSON served over non-https enabled channel

Most of these are pretty easy to pick up just using a simple browser and a text editor.
Anyway, I suspect there are still some of these out there, so get hunting!!

Ciao!

Comments

  1. Good post. Did google pay bounty for this ?

    ReplyDelete
    Replies
    1. Nope this one did not qualify for reward, it's up to the panel to decide if a vuln qualifies---for reward---,though this one is in the right category for reward.

      But I did manage to get this though ---> https://www.google.com/about/appsecurity/hall-of-fame/distinction/ [q4 2012]

      Delete
  2. Thanks for a marvelous posting! I quite enjoyed reading it, you’re a great author.I will remember to bookmark your blog and will often come back sometime soon.
    yours information is very effective. the information about Travel Data Management IS TOO GOOD.LOOK AT THIS WEBSITE

    http://www.wizie.com/Data-Management.htm

    ReplyDelete

Post a Comment