Chrome "blended threat" exploit demo (Chrome auto-download + UI race condition + DLL load hijacking)




Published on Aug 25, 2010


This demo is a modified version of Michal Zalewski's "Firefox geolocation consent hijack demo".
The DLL load hijacking part of the demo (thanks, TheLeader!) requires that you have uTorrent installed. You should be able to easily modify this demo to use any of the other vulnerable applications.
HD Moore, thank you for Metasploit and the new audit toolkit!

Note that this demo is specific to Chrome on Windows, and may not work as expected on other systems or in non-standard screen configurations (DPI, etc.); these factors could be accounted for, though.
All other browsers supporting the auto-download and one-click-execute "features" seem to be vulnerable. Oh, wait... There are no such other browsers!

This proof-of-concept, if successful, will download "plugin_dll.dll" and "coupwn.torrent" files to your Downloads directory, and will execute the Windows calculator.
