Re: Re: Google Chrome Browser (ChromeHTML://) remote parameter injection POC
Try this: chromehtml:"%20--renderer-path="calc"%20--no-sandbox Disabling sandbox does matter :) Tested with Google Chrome Chrome 1.0.154.46 on Win XP/Vista and IE6/IE7 and it works ... Full PoC: Chrome URI Handler Remote Command Execution PoC This is a test
Re: Re: Google Chrome Browser (ChromeHTML://) remote parameter injection POC
Attack vector is Internet Explorer 7/8b against a system with a coexistent google chrome installation. It works exactly like this: http://www.milw0rm.com/exploits/7181
Re: Google Chrome Browser (ChromeHTML://) remote parameter injection POC
This won't work since google chrome will ask for user permission. btw, it cannot launch the applet even you have given out the permission.