Google Drive Flaw Misused by Hackers; Users May Install Malware.

Google Drive may not be as secure as you anticipate it to be. The Google benefit allegedly incorporates security vulnerability that might permit programmers to send noxious records that show up to look genuine. Google has been informed of the security issue, but it hasn't been fixed, however.

The flaw, discovered by A. Nikoci and reported by The Hacker News shows that the security bug is said to be the ‘manage versions’ highlight advertised by Google Drive that permits users to transfer and manage diverse versions of a file. The cloud capacity storage supposedly doesn’t check to see in case a record is of the same sort, or indeed implement the same expansion. 

Read Now: Google updates its Android Auto wireless feature that will now run on Android 11

According to Nikoci, the ‘manage versions’ practically should allow users to update an older version of a file with a new version having the same file extension, however, this is not the case. An extract from Nikoci'sinterview with The Hacker News said, “the affected functionally allows users to upload a new version with any file extension for any existing file on the cloud storage, even with a malicious executable.”

The method is basic as demoed by Nikoci in three recordings. It begins with sharing an ordinary file using Google Drive. Clients can at that point transfer an unused version of that file through Manage Version. Here, Nikoci effectively transfers an infected version of that file. In doing so, Google doesn’t identify or distinguish on the off chance whether it's the same file or not. Anybody that has access to the link can download the infected file. Google lets you change the file version without checking if it’s the same type,” Nikoci claimed.

The approach can be utilized for spear phishing attacks that trap clients into compromising their frameworks. Spear phishing attacks are ones where users are inadvertently made to open files that have malware. It is usually used to collect personal information from targeted users. You might get a notice of a report upgrade and grab the file without realizing the danger.

Google had recently fixed a major security bug in Gmail and G Suite that was noticed four months ago. The fix happened within seven hours after it was made publicly accessible. It was also shortly after Google’s services suffered a global outage.

Nikoci said he notified Google about the issue, but that it was still unpatched as of August 22nd. For now, the prominent solutions might be to use antivirus software and be aware of Google Drive file update alerts, especially if you weren’t anticipating them.

 

Disclaimer: The news on the Website have been compiled from a variety of sources and cannot vouch for the veracity of the stories.

Whoops! There was an error.
ErrorException (E_NOTICE)
ob_end_flush(): failed to send buffer of zlib output compression (0) ErrorException thrown with message "ob_end_flush(): failed to send buffer of zlib output compression (0)" Stacktrace: #4 ErrorException in /home/streakshot/public_html/vendor/symfony/http-foundation/Response.php:1219 #3 ob_end_flush in /home/streakshot/public_html/vendor/symfony/http-foundation/Response.php:1219 #2 Symfony\Component\HttpFoundation\Response:closeOutputBuffers in /home/streakshot/public_html/vendor/symfony/http-foundation/Response.php:381 #1 Symfony\Component\HttpFoundation\Response:send in /home/streakshot/public_html/public/index.php:58 #0 require_once in /home/streakshot/public_html/index.php:21
4
ErrorException
/vendor/symfony/http-foundation/Response.php1219
3
ob_end_flush
/vendor/symfony/http-foundation/Response.php1219
2
Symfony\Component\HttpFoundation\Response closeOutputBuffers
/vendor/symfony/http-foundation/Response.php381
1
Symfony\Component\HttpFoundation\Response send
/public/index.php58
0
require_once
/index.php21
/home/streakshot/public_html/vendor/symfony/http-foundation/Response.php
    {
        return \in_array($this->statusCode, [204, 304]);
    }
 
    /**
     * Cleans or flushes output buffers up to target level.
     *
     * Resulting level can be greater than target level if a non-removable buffer has been encountered.
     *
     * @final
     */
    public static function closeOutputBuffers(int $targetLevel, bool $flush)
    {
        $status = ob_get_status(true);
        $level = \count($status);
        $flags = PHP_OUTPUT_HANDLER_REMOVABLE | ($flush ? PHP_OUTPUT_HANDLER_FLUSHABLE : PHP_OUTPUT_HANDLER_CLEANABLE);
 
        while ($level-- > $targetLevel && ($s = $status[$level]) && (!isset($s['del']) ? !isset($s['flags']) || ($s['flags'] & $flags) === $flags : $s['del'])) {
            if ($flush) {
                ob_end_flush();
            } else {
                ob_end_clean();
            }
        }
    }
 
    /**
     * Checks if we need to remove Cache-Control for SSL encrypted downloads when using IE < 9.
     *
     * @see http://support.microsoft.com/kb/323308
     *
     * @final
     */
    protected function ensureIEOverSSLCompatibility(Request $request)
    {
        if (false !== stripos($this->headers->get('Content-Disposition'), 'attachment') && 1 == preg_match('/MSIE (.*?);/i', $request->server->get('HTTP_USER_AGENT'), $match) && true === $request->isSecure()) {
            if ((int) preg_replace('/(MSIE )(.*?);/', '$2', $match[0]) < 9) {
                $this->headers->remove('Cache-Control');
            }
        }
Arguments
  1. "ob_end_flush(): failed to send buffer of zlib output compression (0)"
    
/home/streakshot/public_html/vendor/symfony/http-foundation/Response.php
    {
        return \in_array($this->statusCode, [204, 304]);
    }
 
    /**
     * Cleans or flushes output buffers up to target level.
     *
     * Resulting level can be greater than target level if a non-removable buffer has been encountered.
     *
     * @final
     */
    public static function closeOutputBuffers(int $targetLevel, bool $flush)
    {
        $status = ob_get_status(true);
        $level = \count($status);
        $flags = PHP_OUTPUT_HANDLER_REMOVABLE | ($flush ? PHP_OUTPUT_HANDLER_FLUSHABLE : PHP_OUTPUT_HANDLER_CLEANABLE);
 
        while ($level-- > $targetLevel && ($s = $status[$level]) && (!isset($s['del']) ? !isset($s['flags']) || ($s['flags'] & $flags) === $flags : $s['del'])) {
            if ($flush) {
                ob_end_flush();
            } else {
                ob_end_clean();
            }
        }
    }
 
    /**
     * Checks if we need to remove Cache-Control for SSL encrypted downloads when using IE < 9.
     *
     * @see http://support.microsoft.com/kb/323308
     *
     * @final
     */
    protected function ensureIEOverSSLCompatibility(Request $request)
    {
        if (false !== stripos($this->headers->get('Content-Disposition'), 'attachment') && 1 == preg_match('/MSIE (.*?);/i', $request->server->get('HTTP_USER_AGENT'), $match) && true === $request->isSecure()) {
            if ((int) preg_replace('/(MSIE )(.*?);/', '$2', $match[0]) < 9) {
                $this->headers->remove('Cache-Control');
            }
        }
/home/streakshot/public_html/vendor/symfony/http-foundation/Response.php
    {
        echo $this->content;
 
        return $this;
    }
 
    /**
     * Sends HTTP headers and content.
     *
     * @return $this
     */
    public function send()
    {
        $this->sendHeaders();
        $this->sendContent();
 
        if (\function_exists('fastcgi_finish_request')) {
            fastcgi_finish_request();
        } elseif (!\in_array(\PHP_SAPI, ['cli', 'phpdbg'], true)) {
            static::closeOutputBuffers(0, true);
        }
 
        return $this;
    }
 
    /**
     * Sets the response content.
     *
     * Valid types are strings, numbers, null, and objects that implement a __toString() method.
     *
     * @param mixed $content Content that can be cast to string
     *
     * @return $this
     *
     * @throws \UnexpectedValueException
     */
    public function setContent($content)
    {
        if (null !== $content && !\is_string($content) && !is_numeric($content) && !\is_callable([$content, '__toString'])) {
            throw new \UnexpectedValueException(sprintf('The Response content must be a string or object implementing __toString(), "%s" given.', \gettype($content)));
Arguments
  1. 0
    
  2. true
    
/home/streakshot/public_html/public/index.php
 
/*
|--------------------------------------------------------------------------
| Run The Application
|--------------------------------------------------------------------------
|
| Once we have the application, we can handle the incoming request
| through the kernel, and send the associated response back to
| the client's browser allowing them to enjoy the creative
| and wonderful application we have prepared for them.
|
*/
 
$kernel = $app->make(Illuminate\Contracts\Http\Kernel::class);
 
$response = $kernel->handle(
    $request = Illuminate\Http\Request::capture()
);
 
$response->send();
 
$kernel->terminate($request, $response);
 
/home/streakshot/public_html/index.php
 
/**
 * Laravel - A PHP Framework For Web Artisans
 *
 * @package  Laravel
 * @author   Taylor Otwell <taylor@laravel.com>
 */
 
$uri = urldecode(
    parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH)
);
 
// This file allows us to emulate Apache's "mod_rewrite" functionality from the
// built-in PHP web server. This provides a convenient way to test a Laravel
// application without having installed a "real" web server software here.
if ($uri !== '/' && file_exists(__DIR__.'/public'.$uri)) {
    return false;
}
 
require_once __DIR__.'/public/index.php';
 
Arguments
  1. "/home/streakshot/public_html/public/index.php"
    

Environment & details:

empty
empty
empty
empty
empty
Key Value
TZ
"Asia/Kolkata"
REDIRECT_REDIRECT_UNIQUE_ID
"YaHutMu0UVjz9QQyCT1srAAAAA0"
REDIRECT_REDIRECT_SCRIPT_URL
"/technology/google-drive-flaw-misused-by-hackers"
REDIRECT_REDIRECT_SCRIPT_URI
"https://streakshot.com/technology/google-drive-flaw-misused-by-hackers"
REDIRECT_REDIRECT_HTTPS
"on"
REDIRECT_REDIRECT_STATUS
"200"
REDIRECT_UNIQUE_ID
"YaHutMu0UVjz9QQyCT1srAAAAA0"
REDIRECT_SCRIPT_URL
"/technology/google-drive-flaw-misused-by-hackers"
REDIRECT_SCRIPT_URI
"https://streakshot.com/technology/google-drive-flaw-misused-by-hackers"
REDIRECT_HTTPS
"on"
REDIRECT_HANDLER
"application/x-httpd-ea-php72"
REDIRECT_STATUS
"200"
UNIQUE_ID
"YaHutMu0UVjz9QQyCT1srAAAAA0"
SCRIPT_URL
"/technology/google-drive-flaw-misused-by-hackers"
SCRIPT_URI
"https://streakshot.com/technology/google-drive-flaw-misused-by-hackers"
HTTPS
"on"
HTTP_HOST
"streakshot.com"
HTTP_X_REAL_IP
"18.212.120.195"
HTTP_X_FORWARDED_PROTO
"https"
HTTP_CONNECTION
"close"
HTTP_USER_AGENT
"CCBot/2.0 (https://commoncrawl.org/faq/)"
HTTP_ACCEPT
"text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"
HTTP_ACCEPT_LANGUAGE
"en-US,en;q=0.5"
HTTP_ACCEPT_ENCODING
"br,gzip"
HTTP_X_HTTPS
"1"
PATH
"/usr/local/jdk/bin:/usr/kerberos/sbin:/usr/kerberos/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/X11R6/bin:/usr/local/bin:/usr/X11R6/bin:/root/bin:/opt/bin"
SERVER_SIGNATURE
""
SERVER_SOFTWARE
"Apache"
SERVER_NAME
"streakshot.com"
SERVER_ADDR
"62.210.127.245"
SERVER_PORT
"443"
REMOTE_ADDR
"18.212.120.195"
DOCUMENT_ROOT
"/home/streakshot/public_html"
REQUEST_SCHEME
"https"
CONTEXT_PREFIX
"/cgi-sys"
CONTEXT_DOCUMENT_ROOT
"/usr/local/cpanel/cgi-sys/"
SERVER_ADMIN
"webmaster@streakshot.com"
SCRIPT_FILENAME
"/home/streakshot/public_html/index.php"
REMOTE_PORT
"46356"
REDIRECT_URL
"/index.php"
GATEWAY_INTERFACE
"CGI/1.1"
SERVER_PROTOCOL
"HTTP/1.1"
REQUEST_METHOD
"GET"
QUERY_STRING
""
REQUEST_URI
"/technology/google-drive-flaw-misused-by-hackers"
SCRIPT_NAME
"/index.php"
ORIG_SCRIPT_FILENAME
"/usr/local/cpanel/cgi-sys/ea-php72"
ORIG_PATH_INFO
"/index.php"
ORIG_PATH_TRANSLATED
"/home/streakshot/public_html/index.php"
ORIG_SCRIPT_NAME
"/cgi-sys/ea-php72"
PHP_SELF
"/index.php"
REQUEST_TIME_FLOAT
1638002357.0259
REQUEST_TIME
1638002357
argv
[]
argc
0
APP_NAME
"StreakShot"
APP_ENV
"local"
APP_KEY
"base64:ReQmfEFXKLWiEg6BrcO2XKiMoAGvRdQy00AsMsYzrsk="
APP_DEBUG
"true"
APP_URL
"https://streakshot.com"
LOG_CHANNEL
"stack"
DB_CONNECTION
"mysql"
DB_HOST
"localhost"
DB_PORT
"3306"
DB_DATABASE
"streaksh_db"
DB_USERNAME
"streaksh_user"
DB_PASSWORD
".wdnNP8o^nUT"
BROADCAST_DRIVER
"log"
CACHE_DRIVER
"file"
QUEUE_CONNECTION
"sync"
SESSION_DRIVER
"file"
SESSION_LIFETIME
"120"
REDIS_HOST
"127.0.0.1"
REDIS_PASSWORD
"null"
REDIS_PORT
"6379"
MAIL_DRIVER
"smtp"
MAIL_HOST
"smtp.mailtrap.io"
MAIL_PORT
"2525"
MAIL_USERNAME
"null"
MAIL_PASSWORD
"null"
MAIL_ENCRYPTION
"null"
AWS_ACCESS_KEY_ID
""
AWS_SECRET_ACCESS_KEY
""
AWS_DEFAULT_REGION
"us-east-1"
AWS_BUCKET
""
PUSHER_APP_ID
""
PUSHER_APP_KEY
""
PUSHER_APP_SECRET
""
PUSHER_APP_CLUSTER
"mt1"
MIX_PUSHER_APP_KEY
""
MIX_PUSHER_APP_CLUSTER
"mt1"
Key Value
APP_NAME
"StreakShot"
APP_ENV
"local"
APP_KEY
"base64:ReQmfEFXKLWiEg6BrcO2XKiMoAGvRdQy00AsMsYzrsk="
APP_DEBUG
"true"
APP_URL
"https://streakshot.com"
LOG_CHANNEL
"stack"
DB_CONNECTION
"mysql"
DB_HOST
"localhost"
DB_PORT
"3306"
DB_DATABASE
"streaksh_db"
DB_USERNAME
"streaksh_user"
DB_PASSWORD
".wdnNP8o^nUT"
BROADCAST_DRIVER
"log"
CACHE_DRIVER
"file"
QUEUE_CONNECTION
"sync"
SESSION_DRIVER
"file"
SESSION_LIFETIME
"120"
REDIS_HOST
"127.0.0.1"
REDIS_PASSWORD
"null"
REDIS_PORT
"6379"
MAIL_DRIVER
"smtp"
MAIL_HOST
"smtp.mailtrap.io"
MAIL_PORT
"2525"
MAIL_USERNAME
"null"
MAIL_PASSWORD
"null"
MAIL_ENCRYPTION
"null"
AWS_ACCESS_KEY_ID
""
AWS_SECRET_ACCESS_KEY
""
AWS_DEFAULT_REGION
"us-east-1"
AWS_BUCKET
""
PUSHER_APP_ID
""
PUSHER_APP_KEY
""
PUSHER_APP_SECRET
""
PUSHER_APP_CLUSTER
"mt1"
MIX_PUSHER_APP_KEY
""
MIX_PUSHER_APP_CLUSTER
"mt1"
0. Whoops\Handler\PrettyPageHandler