Script Gadgets! Google Docs XSS Vulnerability Walkthrough
LiveOverflow
@liveoverflowAbout
just a wannabe hacker... making videos about various IT security topics and participating in hacking competitions. -=[ β€οΈ Support me ]=- Patreon per Video: https://www.patreon.com/join/liveoverflow YouTube Membership per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join -=[ π Imprint ]=- Security Flag GmbH MΓΌhlenstraΓe 8a 14167 Berlin Germany
Latest Posts
Video Description
A very interesting Cross-site Scripting Issue in gDocs Spreadsheets. I get a chance to talk to the bug hunter Nick, as well as Google engineers to understand both sides. How did he find it? And why did this vulnerability exist in the first place? Nickolay: https://thisisqa.com/ The video is sponsored by Google's VRP: https://www.google.com/about/appsecurity/reward-program/ 00:00 - Introduction 00:53 - Following reproduction steps 02:13 - What is postMessage()? 03:04 - Script Gadget: the hlc() function 03:30 - Script Gadget: ui.type instantiation 04:22 - Vulnerability summary 05:12 - Nick's focus on gviz 06:47 - Script Gadget: chartType injection 08:09 - Script Gadget: drawFromUrl exploit technique 08:57 - chartType injection fix 10:13 - Code refactoring cause of XSS 11:12 - How to find ui.type option? 14:04 - What to do with ui.type Script Gadgets? 15:13 - Why does hlc() exist?! 15:40 - JSONP sandbox 17:16 - Nick's background story =[ β€οΈ Support ]= β per Video: https://www.patreon.com/join/liveoverflow β per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join =[ π Social ]= β Twitter: https://twitter.com/LiveOverflow/ β Website: https://liveoverflow.com/ β Subreddit: https://www.reddit.com/r/LiveOverflow/ β Facebook: https://www.facebook.com/LiveOverflow/
Essential Penetration Testing Tools
AI-recommended products based on this video
BrosTrend Linux USB WiFi Adapter 1200Mbps Supports Ubuntu, Mint, Debian, Kubuntu, Mate, Zorin, PureOS, Raspberry Pi 2+, Windows 11/10, USB3.0 Wireless Dual Band Wi-Fi 5GHz/867Mbps + 2.4GHz/300Mbps
BrosTrend 1800Mbps WiFi 6 Linux WiFi Adapter for PC and Raspberry Pi 2+, Long Range USB WiFi Dongle Linux for Ubuntu, Mint, Debian, Kubuntu, Lubuntu, Zorin, Windows 11/10, Dual Band Wireless Antenna
MeLE Quieter DL Mini PC Windows 11 Home, N100 4GB 128GB, 2.5G Dual LAN,IoT Industrial Desktop Computer Support Windows 10 11 Linux Ubuntu Debian 4K Triple Display, Dual HDMI, All-in-One USB-C
Wireless Print Server for USB Printer (NOT Plug&Play), 2 Port USB Print Server, Convert Wired Printer to Wireless WiFi Ethernet Networking - Windows Mac Linux Compliant - CR202
10.1 Inch Touch Portable Monitor IPS Screen 1366x768P 60Hz 400 Brightness 99% sRGB HDMI USB-C Monitors Switch for Xbox PS3/4/5 Laptop Compatible with Raspberry Pi, Mini Touch Screen
ELECROW 8 Inch Portable Monitor, 1280x800 Mini HD Display with Built-in Speakers, USB Powered, Non-Touch LCD Screen for Raspberry Pi, PC, Laptop, Jetson Nano, Game Consoles
7 Inch Portable Monitor Touchscreen HD 1024x600 LED Display Dual HDMI Port Small Monitor for PC Raspberry Pi Laptop Computer Xbox PS4/5 Switch Built-in Speakers
BrosTrend 1800Mbps WiFi 6 Linux WiFi Adapter for PC and Raspberry Pi 2+, Long Range USB WiFi Dongle Linux for Ubuntu, Mint, Debian, Kubuntu, Lubuntu, Zorin, Windows 11/10, Dual Band Wireless Antenna
