A forged Yahoo Axis chrome extension

Yahoo Axis Forged Package

Yahoo! accidentally shipped the private key used to sign the Axis Chrome extension inside the extension package itself.

screenshot

This project is a test package signed with that leaked key. The source is in src; a test build signed with the key is in build.

The original package is in original_build and the unpacked original source is in original_src

The spoofed package has exactly the same source as the original, except that it adds one content script.

Install

To test-install the package, click the raw link:

https://github.com/nikcub/yahoo-spoof/raw/master/build/yahoo-spoof.crx

All it does is trigger a JavaScript alert on every page load on every site/domain. It does this via the added content script.

Contents

In this repo

Implications

Working that out now. I think that if you can DNS-hijack the update URL, a forged package would update and install silently.

Updates

I have published a blog post about this issue. Updates and responses will be posted there.

Follow the latest on my Twitter at @nikcub.
