Full Disclosure mailing list archives
Google Chrome - Javascript Execution Via Default Search Engines
From: metalkey net <6d3374346c6b33 () gmail com>
Date: Sun, 10 Jan 2016 23:00:37 +1100
Google Chrome allows execution of Javascript via the Default Search Engines feature. An exploit can be created to take advantage of this issue by manipulating the master_preferences file on a victim's machine. Video Example: https://www.youtube.com/watch?v=WoF-LkA6fMk Walkthrough: https://m3t4lk3y.wordpress.com/category/google-chrome-search-poison/ _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Current thread:
- Google Chrome - Javascript Execution Via Default Search Engines metalkey net (Jan 11)