Remember above image? Few weeks ago we published a bug in Orkut’s click tracking mechanism which let spammer send third party links bypassing image verification!
Now for those who missed that… A new bug is found in Google Video search history feature! Now Whats a big deal you might say? Well Google Videos and Orkut are both owned by Google Inc. So URL which contains google.com in domain part never encounters image verification!
Now consider link below:
http://upload.video.google.com/searchhistory/url?url=//www.devilsworkshop.org
You can replace any site URL with www.devilsworkshop.org in it and put the link in scraps! Orkut will never ask for image verification!
This bug is more severe compared to bug in Click Tracking mechanism. Fixing this may be still simple but there are many Googles service and so there must be many bugs like this! All this means a lot more spam in coming month on Orkut… π
Credits: Sumit Kalra found this while analyzing a recent spam "VORUS VIDEO SCRAP" code!
3 Comments
Hey, did you notice today? Orkut has fixed this bug since today morning as I have observed. Now, even google urls also need capcha verification….Yesterday, this bug still existed and today it has been fixed….
check out….
Thanks for visiting my site…
@TechPavan
Thats good… π
They might be reading our blog… π
8 years ago, sigh good old days on orkut.