Risk Inside Blogger - Stealing Blog Posts of Blogger sites

Steal Blog Posts Blogger

Hello Everyone,

I found a nice bug at Blogger which is not new but still vulnerable.We can steal posts from blogs or sites which are hosted on blogger by atom.xml. If we just visit the link www.bloggerdemosite.com/atom.xml in firefox or chrome it redirects to feeds/posts/default?alt=atom but if we open this link Edge browser, edge browser popups and give an option to save.


First of all open Edge browser and visit this link 


Change the results to 500 for more posts


Next Edge popups to save atom.xml file.Now click on Save. 
Blog Atom.xml file will be downloaded. 
Next Login to your blogger account and select or start a new blog and then go to 'settings' and select 'other'. 
Now click on 'Import Content' and import the downloaded atom.xml file. 


An attacker can steal posts from blogs which are using Blogger. 

This is just for educational purpose only.


Popular posts from this blog

XSS like a Pro

Email Spoofing for Beginners

DoS on WAF Protected Sites by Abusing Cookie