Mac OS X Safari .webarchive File Format UXSS

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'uri' class MetasploitModule 'Mac OS X Safari .webarchive File Format UXSS', 'Description' = %q Generates a .webarchive file for Mac OS X Safari that will attemp...

Android browser cross-domain data theft, and the Intent of the Scheme to attack-vulnerability warning-the black bar safety net

We next want to introduce this vulnerability, which affects versions of Android 4. 4 The following comes with the browser and some other specific Android browser, which allowed hackers to read the sqlite format of the cookie database file, thereby stealing cookies. Along with this problem, we hav...

Mac OS X Safari .webarchive File Format UXSS

Generates a .webarchive file for Mac OS X Safari that will attempt to inject cross-domain Javascript UXSS, silently install a browser extension, collect user information, steal the cookie database, and steal arbitrary local files. When opened on the target machine the webarchive file must not hav...