Sort by time | Sort by thread (beta)
Link to this comment:
Share to:
Loading...
- Your queue is empty. Add videos to your queue using this button:
or sign in to load a different list.
Loading...Saving...
why fake the statusbar of google chrome when you can simply fake the CONTENT of the statusbar of EVERY browser with javascript? even if the browser does not allow javascript to change the content of the statusbar, there will be shown a fake url.
visit this page to test it out:
h**p://labs.x3ro.net/statusbar_exploit/
x3ro1337 1 year ago
I wouldn't really call this an exploit. Think about how simple it would be to add a click() event to the link with Javascript and then when the user clicks, redirecting them to the malicious website. In that case, the link would appear identical to any real links, and this "exploit" would be cross-browser. I really wouldn't say that this video shows a flaw in Chrome.
timothysvids 2 years ago 3
@timothysvids I absolutely agree, in my mind an exploit is something like buffer overflow vulnerability which causes browser to execute some code.
darthirakli 1 year ago
on my ubuntu computer i can tell the difference because i have a dark skin and can tell which is which
winter666madness 2 years ago