Google URL Shortener g.co Bug: Unveiling Potential Risks

Google URL Shortener g.co Bug: Unveiling Potential Risks - In this article, I will explain the Google URL Shortener bug.

Domain Name: g*co

Type: Redirect URL

Level: Low - Medium

In the first image, I analyzed the traffic on Google's URL shortener. I utilized Fiddler to manipulate the request traffic. Alternatively, you can use Burp Suite or other similar tools.

In the second image, it is evident that the g*co URL is trusted and exclusively used by Google's products.

What are the dangers? 

This bug could be exploited for web ph1shing or manipulating individuals due to their excessive trust in the g*co domain, assuming it belongs to Google itself. 

Users may not realize that the Google URL shortener redirects to a non-Google product.

Here is an example of a manipulated URL:

https://g.co/kgs/3xU68p

👻🌈👇Tools and Community 👇🌈👻