infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update browser_sop_bypass.rb

MS-2855/keylogger-mettle-extension
RootUp 2017-11-08 12:38:37 +05:30 committed by GitHub
parent 872894f743
commit 0c247d5635
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
modules/auxiliary/gather/browser_sop_bypass.rb
View File

@ -10,9 +10,10 @@ class MetasploitModule < Msf::Auxiliary
super( super(
update_info( update_info(
info, info,
'Name' => "Browser SOP Bypass", 'Name' => "Samsung Internet Browser SOP Bypass",
'Description' => %q( 'Description' => %q(
This module do a server-redirect combined with a data-URI end up bypassing the Same Origin Policy,which leads to all kind of vulnerabilities like stealing user passwords. This module opens up and does a server-redirect to child tab using document.body.innerHTML funtion, the child tab creates a fake pop up asking email ID, Password.
Once entered the credentials is passed back to the parent tab, In this case the address bar points to google.com/csi which actually can be used to trick some one.
), ),
'License' => MSF_LICENSE, 'License' => MSF_LICENSE,
'Author' => [ 'Author' => [
@ -21,7 +22,7 @@ class MetasploitModule < Msf::Auxiliary
'References' => [ 'References' => [
['URL', 'http://fr.0day.today/exploit/description/28434'], ['URL', 'http://fr.0day.today/exploit/description/28434'],
], ],
'DisclosureDate' => "Nov 09 2017", 'DisclosureDate' => "Nov 08 2017",
'Actions' => [[ 'WebServer' ]], 'Actions' => [[ 'WebServer' ]],
'PassiveActions' => [ 'WebServer' ], 'PassiveActions' => [ 'WebServer' ],
'DefaultAction' => 'WebServer' 'DefaultAction' => 'WebServer'