Category Archives: Chrome

Build nwjs12 for windows

Here is the list of steps to build nwjs12 for windows:

- Download https://src.chromium.org/svn/trunk/tools/depot_tools.zip
- Set up the path for depot_tools
- gclient
- Install VS 2013 community edition
- Install Windows 10 SDK
- set DEPOT_TOOLS_WIN_TOOLCHAIN=0
- set GYP_DEFINES="clang=0 nwjs_sdk=0 disable_nacl=1"
- set GYP_MSVS_VERSION=2013
- mkdir -p $HOME/nwjs
- cd $HOME/nwjs
- gclient config --name=src https://github.com/nwjs/chromium.src.git@origin/nw12
- Add this to .gclient … Continue reading

Posted in browser, Chrome, Web, Windows

Deobfuscate Javascript using PhantomJS (Headless browser)

Recently, when I got a chance to analyze a Neutrino Exploit Kit capture, I noticed that Neutrino EK detects and checks for headless browsers and other JS-based frameworks. One thing that is interesting about Neutrino EK is all … Continue reading

Posted in browser, Chrome, Exploit, Exploit Kit | 5 Comments

Whitehat Security Labs ‘Aviator’ for windows in ten steps

Recently, Whitehat Security Labs released a beta version of their own browser, ‘Aviator’, based on the Chromium code base. They released it only for Mac OS. Here is how we can have a similar setup on Windows or … Continue reading

Posted in browser, Chrome, Cr-48, Google

Google Chrome/ChromeOS bug – 189250

http://googlechromereleases.blogspot.in/2013/04/chrome-os-stable-channel-update.html

[189250] High CVE-2013-0927: Unsafe config option loading in Pango. Credit to Pinkie Pie.

http://www.scip.ch/en/?vuldb.8422

The changes are in ChromeOS’s x11-libs/Pango library. You can read the vulnerable code in this location:

https://git.gnome.org/browse/pango/tree/pango/pango-utils.c

    static void
    read_config (void)
    {
      if (!config_hash)
        {
          char *filename;

… Continue reading

Posted in Chrome, chrome OS, Google

Google Chrome/ChromeOS Bug (14508)

https://code.google.com/p/chromium/issues/detail?id=14508

http://src.chromium.org/viewvc/chrome/trunk/src/net/http/http_chunked_decoder.cc?r1=18687&r2=18686

Root Cause: Signedness error.

    commit 9d65ad87c64ec57473b42ed290472ddec99e55c6
    Author: abarth@chromium.org <abarth@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>
    Date:   Thu Jun 18 04:58:34 2009 +0000

        Improve chunked encoding parsing.

        R=abarth
        BUG=14508
        TEST=HttpChunkedDecoderTest.ExcessiveChunkLen

        Patch contributed by Chris Evans.

        git-svn-id: svn://svn.chromium.org/chrome/trunk/src@18687 0039d316-1c4b-4281-b951-d872f2087c98

    $ git rev-list --parents -n

… Continue reading

Posted in Chrome, chrome OS, Google

Google Chrome/ChromeOS Bug (227197/227181/227158)

http://googlechromereleases.blogspot.com/2013/04/stable-channel-update-for-chrome-os.html

https://code.google.com/p/chromium/issues/detail?id=227197

https://code.google.com/p/chromium/issues/detail?id=227181

https://code.google.com/p/chromium/issues/detail?id=227158

https://code.google.com/p/chromium/issues/detail?id=196456

You can see all the patches in this link:

http://git.chromium.org/gitweb/?p=chromiumos/overlays/chromiumos-overlay.git;a=commit;h=9181705680e1f53fd1e895ebe84c1b7f18c5c380

Anyway, let’s search the Git log for these bug IDs in the Chrome OS commits and crack each and every bug.

    commit 9181705680e1f53fd1e895ebe84c1b7f18c5c380
    Author: Josh Horwich <jhorwich@chromium.org>
    Date:   …

Continue reading

Posted in Chrome, chrome OS, Google

Chrome IPC Internals – Part V

In this part, we will see how to send a message in a synchronized manner. We will send a message to the server and wait for the server to respond.

IPCSyncMessage.h

    #pragma once
    #define IPC_MESSAGE_START TestMsgStart
    // in1 must be false, …

Continue reading

Posted in C/C++, Chrome, Cr-48, Internals, Windows VC++ | 2 Comments