Browser history cache

Let’s say you want to get data from a box but there’s no shell (remember: “Where there is a shell, there is a way” - Unix :) ) or there is no alternative option to collect information about a user. Well, there is: now you have this.

This is proof-of-concept code by Zalewski, a Google security researcher.

Comments:
I tried it and it worked in both Opera and Chrome; Firefox with the NoScript add-on failed (obviously). Firefox without NoScript worked well enough.

Hopefully, I’ll comment more about this exploit sometime later :)

Have fun reading the PoC code :)