SQL Injection Vulnerability in Google Lab Database System
The Hacker News

Very Big & Critical Vulnerability detected in Google Lab System. Vendor is already reported by hackers, But they don't take positive step in this case, so finally hackers exposed the vulnerability in public by Bangladesh Cyber Army Admin - Shadman Tanjim on their Forum.

Google Lab Website has SQL Injection Vulnerability and Dangerous thing is this Vulnerability is Exploitable. Hackers are able to get Tables, columns and data from Database. Google Lab Database has his own customize DB system. But Interesting things is their database system is Similar as Ms Access database. In this case Ms Access SQL Injection System is Also Work on Google Lab Database system.

Statement By Hacker :

I already contact with Google Corporation but they don't give positive response, I think this is their big fault, and will suffer for that. But if they give Positive response then this will be very good for them. Thanks a Ton!!!
Shadman Tanjim
Ethical Hacker, Programmer and Security Professional
Email: admin@bdcyberarmy.com or shadman2600@gmail.com
Website: www.bdcyberarmy.com/forum
Greets to: Shahee Mirza, Almas Zaman, Sayem Islam, Pudina pata, LuckyFm and All
Bangladesh Cyber Army Members.


Video Download link:
https://www.bdcyberarmy.com/Google/google_video.avi

Hackers Release Step by step proof about this Vulnerability
1. Website : www.googlelabs.com or labs.google.com

2. Vulnerability type : SQL Injection
3. Vulnerable url : https://www.googlelabs.com/?q=%27&apps=Search+Labs
4. Info:
Host IP: 209.85.175.141
Web Server: Google Frontend
Keyword Found: Fast
Injection type is Integer

Let's Check Exploiting this Vulnerable link. Here Hackers use 3 Famous SQL Injection tools. They are:
1. Havij Advance SQL Injection Tool
2. Safe3 SQL Injector v8.4
3. Pangolin SQL Injection Tool

1st Work with Havij Advance SQL Injection Tool:
Screen Shot 1: Scan Vulnerable link and it says this website is Vulnerable.
The Hacker News

Screen Shot 2: Now it scans and gets all tables and columns
The Hacker News

Screen Shot 3: Now you can see list of tables and Columns
The Hacker News

And this is a Prove for this Website is Genuine SQL Injection Vulnerable. Here you see this database type is MS Access, so this is a Proof of this concept. Some people should Say Google Lab Database System is not Ms Access but this Website Database is Similar as Ms Access database and Ms Access SQL Injection Query are also Work on Google Labs Database system. As like MySQL 5 and MySQL 4.1 both are injected via Union select, but both are not have Information Schema.

2nd now Work with Safe3 SQL Injector v8.4:
Screen Shot 1: Analyzing Vulnerable link and it says it's vulnerable and gets keyword and db type.
The Hacker News

Screen Shot 2: Now it's Inject the vulnerable link and gets All Table list and column list
The Hacker News

This is another Prove for this Website Vulnerability and we can see this and Dangerous thing is its Exploitable. Now we check our last SQL Injection tool for 100% Satisfy.

3rd Pangolin SQL Injection Tool:
Screen Shot 1: Scan vulnerable link and its say this website is vulnerable
The Hacker News

Screen Shot 2: Now inject this Website and get tables and columns list
The Hacker News

Screen Shot 3: Here is a full List of Tables and Columns list
The Hacker News

Now I think we are 100% Sure Google Lab Website is SQL Injection Vulnerable.

You Can Check Video. This Video is also made by Bangladesh Cyber Army Member - Shadman Tanjim.

UPDATE :
Google insist that there has been no intrusion. The company claims that their GQL database won't allow SQL injection attacks. Additionally, they say that the data that appears in the screen shots, does not exist anywhere in their data stores.


On this Shadman Tanjim - Hackers Reply to Google "Proof it. because I am Also Proof it's Vulnerable. If they say's Google Lab is Not Vulnerable, It Means We get new Bugs in Some Famous SQL Injection tools. And also and 1=1 concept. So tell them to proof this and I don't think All tools are false. because 1 tools can false, 2 tools can get false but not All. ALL Tools say's it is Vulnerable, So i don't think it any confusion. :D "

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.