CVE-2020-16012 PoC — Mozilla Firefox Security Vulnerability

Source
Associated Vulnerability
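Title: Mozilla Firefox Security Vulnerability (CVE-2020-16012)
Description: Mozilla Firefox is an open-source web browser from the Mozilla Foundation in the United States. Firefox contains a security vulnerability: when a transparent image is drawn on top of an unknown cross-origin image, the Skia library's drawImage function takes a variable amount of time depending on the content of the underlying image. This can expose cross-origin information about the image content through a timing side-channel attack.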
Description
PoC for CVE-2020-16012, a timing side channel in drawImage in Firefox & Chrome
Readme
This repo contains PoCs for CVE-2020-16012, a side channel vulnerability in the implementation of [CanvasRenderingContext2D.drawImage()](https://developer.mozilla.org/en-US/docs/Web/API/CanvasRenderingContext2D/drawImage) in Firefox and Chromium.

Read a writeup of this vulnerability [on the Mozilla Attack & Defense blog](https://blog.mozilla.org/attack-and-defense/2021/01/11/leaking-silhouettes-of-cross-origin-images/).

Inside `benchmark` is code for measuring the timing of the operations involved, as well as the results of the benchmark obtained on Firefox 76 and Chromium 83 running on Linux using CPU rendering.

Inside `exploit` is an example exploit that recovers the silhouette of a cross-origin image using this vulnerability, as well as a recording of the exploit in action.
File Snapshot

[4.0K] /data/pocs/155483a56718fa1b48fedc5eb14e144ff4e627c3
├── [4.0K] benchmark
│   ├── [3.8K] benchmark.html
│   ├── [ 973] chromium.tsv
│   └── [ 254] firefox.tsv
├── [4.0K] exploit
│   ├── [2.8K] exploit.html
│   ├── [ 33K] exploit_recording.webm
│   └── [10.0K] secret2.png
└── [ 791] README.md

2 directories, 7 files