InfoSecBulletin Cybersecurity for mankind
“A critical vulnerability has been identified in the Google Authentication mechanism of the application. By manipulating the ID and email parameters in the authentication request, an attacker can obtain an access token for any user. This allows the attacker to take over any account without any user interaction, leading to a complete compromise of the victim’s account.”
What is the Single Sign-On (SSO):
WhatsApp banned on all US House of Representatives devices
Kaspersky found “SparkKitty” Malware on Google Play, Apple App Store
OWASP AI Testing Guide Launched to Uncover Vulns in AI Systems
Axentec Launches Bangladesh’s First Locally Hosted Tier-4 Cloud Platform
Hackers Bypass Gmail MFA With App-Specific Password Reuse
Russia detects first SuperCard malware attacks via NFC
Income Property Investments exposes 170,000+ Individuals record
ALERT (CVE: 2023-28771)
Zyxel Firewalls Under Attack via CVE-2023-28771 by 244 IPs
CISA Flags Active Exploits in Apple iOS and TP-Link Routers
10K Records Allegedly from Mac Cloud Provider’s Customers Leaked Online
Using Single Sign-On (SSO) with Google Cloud is a smart choice for organizations. It improves security and makes user authentication easier. SSO centralizes authentication through a trusted Identity Provider (IdP), reducing risks. It also makes it easier for IT teams to manage user access and enforce security policies, including multi-factor authentication (MFA).
To transition smoothly to SSO, organizations should follow these steps: select a compatible IdP, configure settings, and thoroughly test the setup. SSO offers several benefits: improved security, better user experience, simplified administration, and compliance with regulatory standards.
Proof of Concept (PoC):
1-Login with Google:
2-Intercept the OAuth Request:
3-Modify the Request:
Change the id field to any ID.
NOTE In changing the ID, you can try any number because it does not verify whether this number is correct or not, but it verifies whether the ID existed before or not, so you can enter anything, for example
“id”:”1″ or “id”:”123456”…. etc
Change the email field to the victim’s email address.
4- now Gain Access to Victim’s Account:
Conclusion
This situation shows how a vulnerability can be used to take over accounts without any action from the user. It is important to fix this problem quickly to protect user data and the reputation of Example.com.
This article is first published in medium.com written by Elcapitano. He can be reach on X Elcapitano.
