Escaping the Chrome Sandbox Through DevTools

(ading.dev)

406 points vk6 | 2 comments | 17 Oct 24 05:55 UTC | HN request time: 0.428s | source

Show context

Etheryte ◴[17 Oct 24 07:57 UTC] No.41867389[source]▶

Given the severity, I can't help but feel that this is underpaid at the scale Google is at. Chrome is so ubiquitous and vulnerabilities like these could hit hard. Last thing they need to do is to send the signal that it's better to sell these on the black market.

replies(9): >>41867499 #>>41867548 #>>41867653 #>>41867666 #>>41867873 #>>41868146 #>>41868628 #>>41868995 #>>41869073 #

TheDong ◴[17 Oct 24 08:18 UTC] No.41867499[source]▶

>>41867389 #

If you can trick someone into installing a malicious extension with arbitrary permissions, you can already run arbitrary code on every webpage they visit, including their logged in bank, social media, etc.

You think an attacker is right now thinking "Man, I know exactly how to make a lot of victims install an extension, but I can only steal their coinbase wallet and bank accounts, if only there was a way I could run calc.exe on their machine too..." who's going to pay more than $20k to upgrade from "steal all their money" to "steal all their money and run calc.exe"?

replies(5): >>41867676 #>>41867738 #>>41867770 #>>41868097 #>>41868626 #

scotty79 ◴[17 Oct 24 11:35 UTC] No.41868626[source]▶

>>41867499 #

Run calc.exe actually means steal money of everybody in their entire organization or blackmail the entire organization by encypting all the data they need to function.

replies(1): >>41870143 #

1. echoangle ◴[17 Oct 24 14:43 UTC] No.41870143[source]▶

>>41868626 #

If compromising a single machine of a user already compromises your entire orgs IT, you’re doing something wrong, right? Shouldn’t a normal user lack privileges to do this much damage to the network?

replies(1): >>41877697 #

2. scotty79 ◴[18 Oct 24 09:30 UTC] No.41877697[source]▶

>>41870143 (TP) #

Everybody is doing something wrong.

↑