Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2019-5822 PoC — Google Chrome 访问控制错误漏洞

Source
https://github.com/Silence-Rain/14-828_Exploitation_of_CVE-2019-5822
Associated Vulnerability
Title:Google Chrome 访问控制错误漏洞 (CVE-2019-5822)
Description:Google Chrome是美国谷歌(Google)公司的一款Web浏览器。 Google Chrome 74.0.3729.108之前版本中的下载管理器存在安全漏洞。攻击者可通过诱使用户访问特制的网站利用该漏洞绕过安全限制,获取系统未授权的访问权限。
File Snapshot

 [4.0K]  /data/pocs/e34d88e318a8afcb5624df47b97c50d55edb22b1
├── [4.0K]  attack_reproduction
│   ├── [4.0K]  address_bar_spoofing
│   │   ├── [ 255]  frame1.html
│   │   └── [ 191]  test.html
│   └── [4.0K]  original_bypass
│       ├── [ 276]  download_redirect.html
│       ├── [ 405]  index.js
│       ├── [ 250]  package.json
│       ├── [ 14K]  package-lock.json
│       └── [ 113]  test.html
├── [4.0K]  mitigation_ext
│   ├── [ 648]  download_alert.js
│   ├── [ 86K]  jquery-3.4.1.min.js
│   └── [ 235]  manifest.json
└── [4.0K]  threat_model
    ├── [ 14K]  Figure_1.png
    ├── [ 318]  frame.html
    └── [ 119]  test.html

5 directories, 13 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.