Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
Where you should disclose your vulnerabilities. Go read RFPolicy if you want to do responsible disclosure, and go here for when all else fails. 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
Using Blended Browser Threats involving Chrome to steal files on your computer
Posted by: Inferno
Date: November 05, 2009 03:44PM

Another issue i found in chrome, that can be used to steal files using other browsers...

http://securethoughts.com/2009/11/using-blended-browser-threats-involving-chrome-to-steal-files-on-your-computer/

-
Inferno
SecureThoughts.com

Options: ReplyQuote
Re: Using Blended Browser Threats involving Chrome to steal files on your computer
Posted by: rvdh
Date: November 07, 2009 10:51AM

Interesting, I knew about: mhtml:hxxp://www.google.com/ that will do something similar as view-source: in Mozilla. Didn't know it passes it to the win32 shell to execute it, I fiddled a bit with it some time ago. Nice work man!

Options: ReplyQuote
Re: Using Blended Browser Threats involving Chrome to steal files on your computer
Posted by: Inferno
Date: November 09, 2009 12:08AM

Thanks @Ronald for appreciating my work. MHT is quite an interesting extension :).

-
Inferno
SecureThoughts.com

Options: ReplyQuote


Sorry, only registered users may post in this forum.