infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update samsung_browser_sop_bypass.md

MS-2855/keylogger-mettle-extension
RootUp 2017-12-17 11:02:24 +05:30 committed by GitHub
parent 53a098a7f3
commit 95e2f1da95
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
documentation/modules/auxiliary/gather/samsung_browser_sop_bypass.md
View File

@ -2,7 +2,7 @@
This module takes advantage of a Same-Origin Policy (SOP) bypass vulnerability in the Samsung Internet Browser (CVE-2017-17692), a popular mobile browser shipping with Samsung Android devices. By default, it initiates a redirect to a child tab, and rewrites the innerHTML to gather credentials via a fake pop-up and the gather credentials is stored in `creds`
## Vulnerable Application
This Modules was tested on Samsung Internet Browser 5.4.02.3 during development of this module.
This Module was tested on Samsung Internet Browser 5.4.02.3 during development.
## Verification Steps
1. Start `msfconsole -q`