#Google drive sign in bypass download
Can someone explain what's happening and how I can download the actual file instead?īy the way.I have tried to use Google Drive's API, but due to limitations I do not have access to their Google Platform Services, so that's not an option. It looks like it's trying to do something with logging in. Meet Google Drive – One place for all your ) I end up with a 1500 line file that looks like this: The problem I run into is that the file is not downloaded, only the response from what I think are several redirects. I actually sent the request to burp (the request of make a new folder) and surprisingly, the response contains the name of the folder I want, wonderful.I am trying to download a large file from my Google Drive, using the requests module solution here. I told myself why I don’t check the request that creates the folder, maybe I can find something that interests me.
#Google drive sign in bypass how to
When this idea came to my mind, I did not know how to get the names of 1000 folders, at first I was planning to create a folder and check its invitation link and get the folder name from it, but it would take a lot of time so I thought of another way. When you sign in to your account, you can see your payment info, transactions, recurring payments, and reservations. The server of Google doesn’t give same name that we gave, so you want get the folder name, you have two ways, via the folder’s invitation link or another way which I will mention shortly. And send 500 username per folder (I know that I can send it 845 time but I send it 500 only to avoid any possible error), and if we have 1,000 folders, we’re actually able to send 500K requests. I thought about creating 1000 folders and saving these folder names. In fact it seems like a good idea, but I am not good at programming to do a program like that.Īfter deep thought, a good idea came to my mind. So I thought of creating a small program that creates a folder and then sends 845 request and then creates another folder and sends another 845 request. But it sounds like an impractical idea and will take a lot of time. Now I will explain the idea, when I made 845 requests and got message that I exceeded the rate limit, what if I send 845 requests and then make another folder and send 845 other requests, I tried it and it really worked. And after less than 24 hours I got this comment from security team, they want PoC for the scenario I described and also they say should not be possible at all. But actually, when I wrote this comment, I didn’t know how I exploit this attack! It was just an idea. It was just an idea (I’ll explain the details in a moment), I quickly opened my laptop and wrote a comment on my report contains my idea that will allows me to do 500K requests. In fact, I looked a little frustrated and I shut down my laptop, then it occurred to me the idea of what if we split the attack into more than one folder. So I opened my laptop and created a file containing 2000 username to try it, unfortunately I arrived at the request number 845 and after that it started showing me a message that I exceeded the limit rate. In fact, the report was accepted but I was told that 500 requests were not enough to prove that there was a vulnerability. Indeed, the attack succeeded, and I sent the report to Google. So I created a file containing 500 username and sent this request to intruder so that I would know if there was a limited rate or not. It might seem interesting, but the Google policy does not consider this to be a kind of vulnerability, but bypass rate limit is vulnerability. Personal information about the owner of the e-mail