[guardian-dev] Android WebView SOP vulnerability (CVE-2014-6041)

Nathan of Guardian nathan at guardianproject.info
Fri Sep 19 09:43:34 EDT 2014



On Fri, Sep 19, 2014, at 08:55 AM, Tom Ritter wrote:
> The way I'd exploit it is by sending you a link via
> email/txt/chatsecure when I think/hope you're on your phone with some
> enticing subject like "Someone just dropped a ChatSecure 0day on
> ExploitDB."  That link would send you to a page with some nonsense text
> that's really long for you to read through.  Meanwhile I stuck a
> couple of iframes hidden on the page that frame gmail, facebook,
> whatever else is interesting.  Anything you're logged in to would
> allow full page extraction - all your emails, facebook info, etc etc.
> Add some crawling through the html and you could extract
> near-limitless information so long as the victim kept the page open.

Ah, right, thanks. Glad to have devious, criminal-minded friends like
you around, Tom!

