Skip to content

jiayaoqijia/Web-Local-Attacks

master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
1 branch 0 tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
attack-dropbox
 
 
attack-openstack
 
 
attack-play
 
 
README.md
 
 
Web-Local-Attacks Videos and POC for Web/Local attacks Authors Videos VM for Chrome 33 Disclaimer References

README.md

Web-Local-Attacks

Videos and POC for Web/Local attacks

================================================================================

Authors

The Web/Local attacks are designed by Yaoqi Jia, Zheng Leong Chua, Hong Hu, Shuo Chen, Prateek Saxena and Zhenkai Liang.

Videos

Videos for our attacks are available at https://youtu.be/fIHaiQ4btok.

Demo: Dropbox. https://youtu.be/P-oX0wEasz4.

Demo: FILE Scheme. https://youtu.be/IPWJzzpvJdA.

Demo: Google Play. https://youtu.be/nKyvCo5cn6c.

Demo: VNC. https://youtu.be/dYSTxmNVgxI.

VM for Chrome 33

Our POC works for Chrome 33. We'll provide a link for the VM of this version soon.

Disclaimer

The code is a research-quality proof of concept, and is still under development for more features and bug-fixing.

References

The ``Web/Local'' Boundary Is Fuzzy: A Security Study of Chrome’s Process-based Sandboxing
Yaoqi Jia, Zheng Leong Chua, Hong Hu, Shuo Chen, Prateek Saxena and Zhenkai Liang.
In the 23rd ACM Conference on Computer and Communications Security ( CCS 2016 )

About

No description, website, or topics provided.

Resources

Readme

Stars

49 stars

Watchers

8 watching

Forks

12 forks

Releases

No releases published

Packages

No packages published

Languages