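PoC details: b8bbd4fc6d526dd024ecbe5c39cc8fec62c38923

Source
Related vulnerability
Title: Google Chrome security vulnerability (CVE-2025-4664)
Description: Google Chrome is a web browser developed by Google (USA). Versions of Google Chrome before 136.0.7103.113 contain a security vulnerability: insufficient policy enforcement in Loader may lead to cross-origin data leakage.
Description
PoC and Setup for CVE-2025-4664
Introduction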
# CVE-2025-4664
This repository contains a PoC for exploiting CVE-2025-4664, a vulnerability where Chromium-based browsers leak sensitive URL parameters through Link header preload requests.

# Resources

For a detailed explanation of how this exploit works, read the blog post: https://amalmurali.me/posts/cve-2025-4664e.

Watch this video to understand the flow:

<a href="https://vimeo.com/1097299035?share=copy" target="_blank"><img src="https://github.com/user-attachments/assets/ba4118f9-9df7-4713-8891-b569a354ac4b"></a>

## Files

- `target.py` - Vulnerable web application
- `idp.py` - SSO identity provider
- `attacker.py` - Malicious server that logs leaked tokens
- `templates/` - HTML templates for the demo
- `static/` - Static assets (logo, avatar, CSS)

## Setup

### Dependencies

```bash
python3 -m venv venv
source venv/bin/activate
pip install -r requirements.txt
```

### Hosts File Configuration

Add these entries to your `/etc/hosts` file:

```
127.0.0.1 example.com
127.0.0.1 sso.example.com  
127.0.0.1 attacker.test
```

### Running the Demo

Start all three servers in separate terminals (after activating the venv):

```bash
# Terminal 1: Target application
python target.py

# Terminal 2: SSO Identity Provider  
python idp.py

# Terminal 3: Attacker server
python attacker.py
```
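
A defender-side check for the leak this demo reproduces, added here as an example and not part of the repository: it scans HTTP log records for cross-origin requests whose `Referer` still carries sensitive query parameters, and grades the browser in each hit against the fixed build 136.0.7103.113. It assumes the leaked URL reaches the third-party host in the `Referer` request header; the record fields, the parameter names, the `/profile` and `/log` paths and the sample records are constructed.

```python
import re
from urllib.parse import parse_qsl, urlsplit

FIXED = (136, 0, 7103, 113)  # first fixed Chrome build, from the description above
SENSITIVE = {"token", "code", "access_token", "id_token"}  # assumed parameter names

def chrome_status(user_agent):
    """Classify a User-Agent as 'vulnerable', 'fixed', 'unknown' or 'not-chrome'."""
    m = re.search(r"Chrome/(\d+)\.(\d+)\.(\d+)\.(\d+)", user_agent)
    if not m:
        return "not-chrome"
    ver = tuple(int(part) for part in m.groups())
    # Reduced User-Agent strings carry only the major version (136.0.0.0), so a
    # browser on the fixed major cannot be graded from the header alone.
    if ver[0] == FIXED[0] and ver[1:] == (0, 0, 0):
        return "unknown"
    return "vulnerable" if ver < FIXED else "fixed"

def origin(url):
    parts = urlsplit(url)
    return (parts.scheme, parts.hostname, parts.port)

def leaked_params(request_url, referer):
    """Sensitive query parameter names that a Referer exposes to another origin."""
    if not referer or origin(referer) == origin(request_url):
        return []
    names = {k.lower() for k, _ in parse_qsl(urlsplit(referer).query, keep_blank_values=True)}
    return sorted(names & SENSITIVE)

def triage(records):
    """Return (receiving host, leaked parameter names, browser status) per hit."""
    hits = []
    for rec in records:
        names = leaked_params(rec["url"], rec.get("referer"))
        if names:
            hits.append((urlsplit(rec["url"]).hostname, names, chrome_status(rec["ua"])))
    return hits

# Constructed log records; host names are the ones from the hosts-file section.
UA = "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/{} Safari/537.36"
SAMPLE = [
    {"url": "http://attacker.test/log", "ua": UA.format("135.0.0.0"),
     "referer": "http://example.com/profile?token=abc123"},   # full URL crossed origins
    {"url": "http://attacker.test/logo.png", "ua": UA.format("136.0.0.0"),
     "referer": "http://example.com/"},                        # origin only: expected
    {"url": "http://example.com/static/style.css", "ua": UA.format("135.0.0.0"),
     "referer": "http://example.com/profile?token=abc123"},   # same origin: not a leak
]

if __name__ == "__main__":
    for host, names, status in triage(SAMPLE):
        print(f"{host} received {names} in Referer; browser is {status}")
```

A hit graded `unknown` needs the full build number from endpoint inventory, because the reduced User-Agent does not reveal it.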

## Disclaimer

This repository is for educational purposes only. The information provided here is intended to help developers understand the vulnerability and protect their systems. Do not use this exploit maliciously or without permission. Use of this PoC is at your own risk. The author is not responsible for any damages or legal issues that may arise from the use of this information.
File snapshot

```
[4.0K] /data/pocs/b8bbd4fc6d526dd024ecbe5c39cc8fec62c38923
├── [1.0K] attacker.py
├── [2.6K] idp.py
├── [1.7K] README.md
├── [  38] requirements.txt
├── [4.0K] static
│   ├── [122K] avatar.png
│   ├── [ 252] logo.svg
│   └── [  41] style.css
├── [2.3K] target.py
└── [4.0K] templates
    ├── [ 734] index.html
    ├── [4.5K] profile.html
    ├── [ 797] redirecting.html
    └── [1.2K] sso_login.html

2 directories, 12 files
```