ABSTRACT: The vulnerable pages are /"*/_/sharebox/linkpreview/*"/ and /"*gadgets/proxy?*"/ Is possible to request any file type, and G+ will download and show all the content. So, if you parallelize so many requests, is possible to *DDoS* any site with *Google bandwidth*. Is also possible to start the *attack* without be logged in G+.
Article link: http://www.ihteam.net/advisory/make-requests-through-google-servers-ddos/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
