Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/exodusintel/cve-2019-5786

FileReader Exploit
https://github.com/exodusintel/cve-2019-5786

Last synced: 9 days ago
JSON representation

FileReader Exploit

Host: GitHub
URL: https://github.com/exodusintel/cve-2019-5786
Owner: exodusintel
Created: 2019-03-20T18:43:49.000Z (over 5 years ago)
Default Branch: master
Last Pushed: 2019-03-20T18:47:25.000Z (over 5 years ago)
Last Synced: 2024-10-26T11:32:13.795Z (17 days ago)
Language: JavaScript
Size: 4.88 KB
Stars: 257
Watchers: 15
Forks: 81
Open Issues: 2
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

README

CVE-2019-5786 Chrome 72.0.3626.119 stable FileReader UaF exploit for Windows 7 x86.

This exploit uses site-isolation to brute-force the vulnerability. iframe.html is the wrapper script that loads the exploit, contained in the other files, repeatedly into an iframe.

* host iframe.html on one site and exploit.html, exploit.js and wokrer.js on another. Change line 13 in iframe.html to the URL of exploit.html
* start chrome with the --no-sandbox argument
* navigate to iframe.html