[vulnerability?] Redirecting to 3rd site from google search results
Secrius last edited by
Hello. I saw bug (or vulnerability) in the browser. After my Google search request "ssh md5 key verification" it get results (https://www.google.ru/search?q=ssh+md5+key+verification&gws_rd=cr&ei=7qboVKjCF8r6ygOzlYKgCA). Fourth result "Ssh Keygen Md5" address vishamn.se/ssh-keygen-md5-ab20a-4c832 link: https://www.google.ru/url?sa=t&rct=j&q=&esrc=s&source=web&cd=4&ved=0CDYQFjAD&url=http%3A%2F%2Fvishamn.se%2Fssh-keygen-md5-ab20a-4c832&ei=7qboVL_vHcHYywPzlIHgCg&usg=AFQjCNGvsK0s3Vu1Xh8cHHl6PMpWK9F7Pw&bvm=bv.86475890,d.bGQ&cad=rja route me to site www.putinhuylo.info If i copy this link to Firefox, page stays blank, but address in address bar is vishamn.se/ssh-keygen-md5-ab20a-4c832. If I search in FF at Google "ssh md5 key verification" i have no result "Ssh Keygen Md5" in list. Please, check this problem, because it may vulnerability of Vivaldi! ----------adding-------- My platform Fedora 21 Workstation x64 Vivaldi 18.104.22.168 (Сборка для разработчиков) stable
sgunhouse last edited by
Did you try the direct approach?
Here, it redirects to either Megaupload or Softpedia - so the site is redirecting you randomly to a download host. Same happens in Opera 27 or Google Chrome, so it is Firefox that is not behaving as the website expects. Though I have to admit that when I click on your search results (without the final parenthesis) I didn't get that site in the results.
vaguerant last edited by
I'm not sure which part of this story is the vulnerability in Vivaldi. Your browser isn't in charge of either a) Which results Google's targeted results provide to you (see Filter bubble on Wikipedia) or b) Whether or not the sites you choose to visit are trustworthy.
The fact that the result appears on Google in some browsers and not others isn't very interesting at all. Google fingerprints its users and provides them with results tailored to them personally. If you switch browsers or computers there's a very high probability that you won't get exactly the same results because Google doesn't know that it's you visiting.
And as sgunhouse discovered, the (probably quite untrustworthy) site's intended behavior is to mislead and redirect the user. Welcome to the Internet, sometimes it sucks. Vivaldi might seek to make it the best it can be, but it is what it is.
sgunhouse last edited by
It is not misleading at all - it is a download page, it is supposed to redirect you to an available host. But Google didn't tell you what it was.