Major 0-day found by Shadow008 in Google Blogger software


Shadow008 a Pakistani hacker discovered a major  vulnerability in Google’s blogger software. The vulnerability allows the hacker to hack and deface any website pointing to Google server.

The full process was posted on patebin and can be easily done with not too much IT knowledge. The hacker also defaced several major hacking news website like The hacker news and



1st) Find a target where as its subdomain or its main domain is pointing to google or blogger server I.P
2nd) If it is pointing to Google Server I.P, You will see a page 100% like this >>

404. That’s an error.

The requested URL / was not found on this server. That’s all we know.

If that shows, That means its vul to BlogDNS 0day

3rd) Go to and Login / Create an account
4th) Create a Blog
5th) Name it anything you want as a subdomain for blogger.
6th) Once blog is created, Go to Settings > Publishing > Switch To Advanced Mod and add that site URL domain. ( Please note that it MUST be pointing to google or blogger server I.P.
and Save it.

Clear You cache and go to that sites subdomain which you added. You will see its in your control  .
Now go to Design > Edit HTML > Revert to Classic Template > Add Deface Code There (Switch of Navbar to OFF) and Hit Save, Clear Cache and check site will be defaced  .

Note: I have used Old Blogger Interface, I don’t use the New Blogger Interface as I find the old one more easy

I hope it was clear and understood
Have fun and don’t share

Sites which are hacked using this method:


2 Responses to Major 0-day found by Shadow008 in Google Blogger software

  1. a says:

    I get this:
    We can not verify your authorization for this domain. Error 12
    what to do?

  2. R says:

    shadow008 can you plz made some video or pictured way to understand it much better……… i am great fan of you pleas must contact me [email protected]

Leave a Reply