Uncovered: Serious Orkut Security BUG

It just happened that, while checking a personal message on Orkut, I found a major security bug. Orkut has a personal message feature, wherein messages are mailed to the user and are also stored in his/her Personal Inbox. When the user retrieves his/her Personal Messages from Orkut’s User Inbox, they are fetched from the database using a GET URL. This means that the details identifying the message are sent in the browser address bar as query-string parameters, after the special character ? (question mark).

Check out the URL below. This happens to be a message from my personal inbox. (You will have to be logged in to Orkut to test this.)

http://www.orkut.com/Messages.aspx?msg=U0013202476%2FIB%2F0961163969%2FU0021643556&fld=IB&debug=&na=3&nid=U0013202476%2FIB%2F0961161410%2FU0026794039&nst=31

Now, this message will be viewable by anyone interested, until I either delete it or this bug gets closed [:)]

This therefore proves that if you are able to sniff any message URL on your network, you can read the entire message just by logging into your own Orkut account, whoever the message belongs to. Strange, isn’t it?
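To make the failure concrete, here is an added example (not Orkut's code, which was never public) of a message-fetch handler that only checks for a valid login, beside one that also checks the requester is a party to the message. The in-memory inbox, the user ids other than the one in the post's URL, and the sender/recipient assignment are constructed for illustration.

```python
from dataclasses import dataclass
from urllib.parse import urlsplit, parse_qs


@dataclass(frozen=True)
class Message:
    msg_id: str
    sender: str
    recipient: str
    body: str


# Constructed sample inbox. The key is the decoded msg parameter from the
# URL in the post; who sent it to whom is assumed, not taken from Orkut.
MESSAGES = {
    "U0013202476/IB/0961163969/U0021643556": Message(
        "U0013202476/IB/0961163969/U0021643556",
        sender="U0021643556", recipient="U0013202476", body="private note"),
}

POST_URL = ("http://www.orkut.com/Messages.aspx?msg=U0013202476%2FIB%2F0961163969%2FU0021643556"
            "&fld=IB&debug=&na=3&nid=U0013202476%2FIB%2F0961161410%2FU0026794039&nst=31")


def msg_id_from_url(url: str) -> str:
    """Pull the URL-decoded msg parameter out of a Messages.aspx link."""
    return parse_qs(urlsplit(url).query)["msg"][0]


def fetch_message_vulnerable(session_user, msg_id):
    """The bug the post describes: a logged-in session is the only check,
    so any user who knows the id can read the message."""
    if session_user is None:
        raise PermissionError("login required")
    return MESSAGES.get(msg_id)


def fetch_message_fixed(session_user, msg_id):
    """Object-level check: the requester must be sender or recipient.
    Unknown and forbidden ids both return None so ids cannot be probed."""
    if session_user is None:
        raise PermissionError("login required")
    m = MESSAGES.get(msg_id)
    if m is None or session_user not in (m.sender, m.recipient):
        return None
    return m


if __name__ == "__main__":
    mid = msg_id_from_url(POST_URL)
    owner, stranger = "U0013202476", "U0099999999"   # stranger id is constructed
    print(fetch_message_vulnerable(stranger, mid) is not None)  # leak
    print(fetch_message_fixed(stranger, mid) is None)           # blocked
    print(fetch_message_fixed(owner, mid) is not None)          # owner still reads
```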

Hope someone from Orkut is listening.

Cheers,

Vaibhav

6 Responses

  1. […] Also read:Uncovered: Serious Orkut Security BUG […]

  2. Even I have seen it. I can still see some msgs by clicking on your URL. By the by, I have found some. Not sure whether it is a bug or not.
    see here http://beyondwork.wordpress.com/2007/09/06/another-orkut-bug/

  3. I think Orkut has now fixed this bug.
    Not working….

  4. Hi Nish,
    Yes, it has been fixed by Orkut off late. Google is very much active in taking a note of the bugs and fixing them.
    Cheers,
    Vaibhav

  5. […] Uncovered: Serious Orkut Security BUG […]

  6. […] Uncovered: Serious Orkut Security BUG […]
