![spf pass gmail hack spf pass gmail hack](https://ezh.es/blog/images/003_gsuite_spf_bypass/gmail_pass_results.png)
In a demo video, which Nikoci shared with the website, he shows a legitimate version of the file that is already shared among a group of users being replaced by a malicious file. ".the affected functionally allows users to upload a new version with any file extension for any existing file on the cloud storage, even with a malicious executable," told Nikoci to The Hacker News.
#Spf pass gmail hack update#
As per Nikoci the 'manage versions' functionally should allow users to update an older version of a file with a new version having the same file extension, however, this is not the case. You might see changes when someone: edits or comments in Google Docs, rename sa file or folder, moves or removes a file or folder, uploads a new file to a folder and shares or unshares an item. The feature allows user to see changes made to his/her files in Drive and keep track of who made those changes. The security bug is said to be the 'manage versions' feature offered by Google Drive that allows users to upload and manage different versions of a file. He claims that he has already discosed the bug to Google. In an exclusive interview to The Hacker News, Nikoci said that an unpatched security loophole in Google Drive could be misued by hackers to distribute malicious files disguised as legitimate documents or images. Hackers may trick Google Drive users into downloading malware, so claims system administrator A Nikoci.