Monday, September 24th, 2007

Stealing Pictures with Picasa

In celebration of our acceptance to Black Hat Japan, we’ve decided to post the details on our Picasa exploit which allows an attacker to steal images from victims.  Perhaps this should be the month of Google flaws considering our posts in this previous week and some of the posts that are on their way in the next week or two.

   

If you’ve read our previous post Say Cheese! then you know that Google’s Picasa registers the picasa:// URI in the Windows registry and it is possible to abuse this registered URI through a Cross-Site Scripting exposure to steal a victim’s images.  My personal feeling on this issue is that it represents a HUGE privacy breach for users of Picasa. Ok, so without further dramatic build-up, you can find the gory details here and you can find the source code we use for the exploit here.

Posted by xssniper | Filed in Security