Google Chrome MetaCharacter URI Obfuscation

Hacking

Google Chrome MetaCharacter URI Obfuscation

CEOinIRVINE 2008. 11. 26. 03:39

If you use Google chrome version 0.2.149.27-30, please upgrade to the recent one.

Regards,

Google Chrome MetaCharacter URI Obfuscation Vulnerability

------------------------------------------------------------------------

SUMMARY

Google chrome is vulnerable to URI Obfuscation vulnerability. An attacker can easily perform malicious redirection by manipulating the browser functionality. The link can not be traversed properly in status address bar.This could facilitate the impersonation of legitimate web sites in order to steal sensitive information from unsuspecting users. The URI specified with @ character with or without NULL character causes the vulnerability.

DETAILS

Vulnerable Systems:

* Chrome version 0.2.149.30

* Chrome version 0.2.149.29

* Chrome version 0.2.149.27

Proof of Concept:

Link1: ftp://anoymous:guest@microsoft.com

Link2: [Without NULL] | http://www.google.com@yahoo.com | [Google --> Yahoo [Obfuscation]]

Link3: http://www.secniche.org%00@www.milw0rm.com [With NULL] SecNiche --> Milw0rm [Obfuscation]