Skip to content

Latest commit

 

History

History
47 lines (32 loc) · 1.99 KB

README.md

File metadata and controls

47 lines (32 loc) · 1.99 KB
Raw

Web-Local-Attacks

Videos and POC for Web/Local attacks

================================================================================

Authors

The Web/Local attacks are designed by Yaoqi Jia, Zheng Leong Chua, Hong Hu, Shuo Chen, Prateek Saxena and Zhenkai Liang.

Videos

Videos for our attacks are available at https://youtu.be/fIHaiQ4btok.

Demo: Dropbox. https://youtu.be/P-oX0wEasz4.

Demo: FILE Scheme. https://youtu.be/IPWJzzpvJdA.

Demo: Google Play. https://youtu.be/nKyvCo5cn6c.

Demo: VNC. https://youtu.be/dYSTxmNVgxI.

VM for Chrome 33

Our POC works for Chrome 33. We'll provide a link for the VM of this version soon.

Disclaimer

The code is a research-quality proof of concept, and is still under development for more features and bug-fixing.

References

The ``Web/Local'' Boundary Is Fuzzy: A Security Study of Chrome’s Process-based Sandboxing
Yaoqi Jia, Zheng Leong Chua, Hong Hu, Shuo Chen, Prateek Saxena and Zhenkai Liang.
In the 23rd ACM Conference on Computer and Communications Security ( CCS 2016 )