Google Releases New Browser Chrome – Vulnerabilities on First Day

Use Netsparker


So as most of you probably know the big buzz on the Internet last week was that Google (after supporting Firefox for so long) have actually launched their own browser.

It’s cooled Google Chrome. Now of course in typical Google fashion they call it BETA software, and a number of flaws have popped up during the first couple of days of release.

One cool thing though is that each tab runs it’s own threaded process, so if one tab bombs out it won’t take down your whole browser.

The browser is a move for Google into the online/offline integration they started with Google Desktop, there are more and more online apps (Google Office) that people still want to use offline with a Google made browser this will be possible.

You also have to consider the privacy implications though, if you are also using Gmail…Google will basically know everything you do, even worse if you also use Google Desktop they will know what you have on your computer, what e-mail you send and receive and what you surf on the web.

The German Government has come out and told its citzens NOT to use Google Chrome.

There have been a few flaws released since Chrome came out such as a carpet bombing flaw:

Google’s shiny new Web browser is vulnerable to a carpet-bombing vulnerability that could expose Windows users to malicious hacker attacks.

Just hours after the release of Google Chrome, researcher Aviv Raff discovered that he could combine two vulnerabilities — a flaw in Apple Safari (WebKit) and a Java bug discussed at this year’s Black Hat conference — to trick users into launching executables direct from the new browser.

The PoC is here: http://raffon.net/research/google/chrome/carpet.html

Another is a crash in chrome.dlll.

An issue exists in how chrome behaves with undefined-handlers in chrome.dll version 0.2.149.27. A crash can result without user interaction. When a user is made to visit a malicious link, which has an undefined handler followed by a ‘special’ character, the chrome crashes with a Google Chrome message window “Whoa! Google Chrome has crashed. Restart now?”. It fails in dealing with the POP EBP instruction when pointed out by the EIP register at 0x01002FF4.

The PoC is here: http://evilfingers.com/advisory/google_chrome_poc.php

And a few people have also been complaining that it allows auto-download of executable without a user prompt.

We will be keeping an eye on Google Chrome.

Posted in: Exploits/Vulnerabilities, Web Hacking

, , , , , , , , ,


Latest Posts:


BDFProxy - Patch Binaries via MITM - BackdoorFactory + mitmProxy BDFProxy – Patch Binaries via MiTM – BackdoorFactory + mitmproxy
BDFProxy allows you to patch binaries via MiTM with The Backdoor Factory combined with mitmproxy enabling on the fly patching of binary downloads
Domained - Multi Tool Subdomain Enumeration Domained – Multi Tool Subdomain Enumeration
Domained is a multi tool subdomain enumeration tool that uses several subdomain enumeration tools and wordlists to create a unique list of subdomains.
Acunetix Vulnerability Scanner For Linux Now Available Acunetix Vulnerability Scanner For Linux Now Available
Acunetix Vulnerability Scanner For Linux is now available, now you get all of the functionality of Acunetix, with all of the dependability of Linux.
Gerix WiFi Cracker - Wireless 802.11 Hacking Tool With GUI Gerix WiFi Cracker – Wireless 802.11 Hacking Tool With GUI
Gerix WiFi cracker is an easy to use Wireless 802.11 Hacking Tool with a GUI, it was originally made to run on BackTrack and this version has been updated for Kali (2018.1).
Malcom - Malware Communication Analyzer Malcom – Malware Communication Analyzer
Malcom is a Malware Communication Analyzer designed to analyze a system's network communication using graphical representations of network traffic.
WepAttack - WLAN 802.11 WEP Key Hacking Tool WepAttack – WLAN 802.11 WEP Key Hacking Tool
WepAttack is a WLAN open source Linux WEP key hacking tool for breaking 802.11 WEP keys using a wordlist based dictionary attack.


5 Responses to Google Releases New Browser Chrome – Vulnerabilities on First Day

  1. d347hm4n September 9, 2008 at 7:44 am #

    I don’t think that we will be the only one’s keeping a close eye on the new browser. Bound to find some flaws in the first few days. Thats what a patching cycle is for.

  2. Morgan Storey September 9, 2008 at 8:10 am #

    no props again… ah well, we sorta read this at the same time.
    There is a good chrome kb that some guy put up here that has known vulnerabilites.
    Looking on the front page there has been an update released already… Obviously google are so used to being able to update their install base for the google webserver etc with the flick of the switch they may not realise users aren’t like that, I wonder how many will still be running the original release months from now.
    http://chromekb.com/

  3. Darknet September 9, 2008 at 4:09 pm #

    Sorry Morgan but yeah kinda read about it at the same time and I’d seen a couple of other vulnerabilities already – but yeah everyone Morgan did e-mail me about this subject!

  4. Pantagruel September 9, 2008 at 8:58 pm #

    So now all we have to do is wait for another serious flaw in Chrome and Google spilling all the users details it has gathered in it’s browser/email client/desktop search app installed on the victims pc.

    I get the impression the where rushing the Chrome release and left out the serious bug hunt routine.

  5. Morgan Storey September 9, 2008 at 10:46 pm #

    @Pantagruel: I feel that the bug hunt for them is done by the end user a lot of the time. Not a bad thing, and they do try and let people know by calling all releases beta, it is a throwback to their open source roots I would say.