XSS ChEF - Exploitation Framework
Am Tuesday, 13. Mar 2012 im Topic 'Tools'
This is a Chrome Extension Exploitation Framework - think BeEF for Chrome extensions. Whenever you encounter a XSS vulnerability in Chrome extension, ChEF will ease the exploitation.
What can you actually do:
Monitor open tabs of victims
Execute JS on every tab (global XSS)
Extract HTML, read/write cookies (also httpOnly), localStorage
Get and manipulate browser history
Stay persistent until whole browser is closed (or even futher if you can persist in extensions' localStorage)
Make screenshot of victims window
Further exploit e.g. via attaching BeEF hooks, keyloggers etc.
Explore filesystem through file:// protocol
Bypass Chrome extensions content script sandbox to interact directly with page JS
Download
https://github.com/koto/xsschef
What can you actually do:
Monitor open tabs of victims
Execute JS on every tab (global XSS)
Extract HTML, read/write cookies (also httpOnly), localStorage
Get and manipulate browser history
Stay persistent until whole browser is closed (or even futher if you can persist in extensions' localStorage)
Make screenshot of victims window
Further exploit e.g. via attaching BeEF hooks, keyloggers etc.
Explore filesystem through file:// protocol
Bypass Chrome extensions content script sandbox to interact directly with page JS
Download
https://github.com/koto/xsschef
