Category Archives: Chrome

Build nwjs12 for windows

Here is the list of steps to build nwjs12 for Windows:

1. Download https://src.chromium.org/svn/trunk/tools/depot_tools.zip
2. Set up the path for depot_tools
3. gclient
4. Install VS 2013 community edition
5. Install Windows 10 SDK
6. set DEPOT_TOOLS_WIN_TOOLCHAIN=0
7. set GYP_DEFINES="clang=0 nwjs_sdk=0 disable_nacl=1"
8. set GYP_MSVS_VERSION=2013
9. mkdir -p $HOME/nwjs
10. cd $HOME/nwjs
11. gclient config --name=src https://github.com/nwjs/chromium.src.git@origin/nw12
12. Add this to .gclient … Continue reading

Posted in browser, Chrome, Web, Windows

Deobfuscate Javascript using PhantomJS (Headless browser)

Recently, when I got a chance to analyze a Neutrino Exploit Kit capture, I noticed that Neutrino EK has a detection and check for headless browsers and other JS-based frameworks. One thing that is interesting about Neutrino EK is all … Continue reading

Posted in browser, Chrome, Exploit, Exploit Kit

Whitehat Security Labs ‘Aviator’ for windows in ten steps

Recently Whitehat Security Labs released a beta version of their own browser ‘Aviator’, based on the Chromium code base. They released only a Mac OS version. Here is how we can have a similar setup on Windows or … Continue reading

Posted in browser, Chrome, Cr-48, Google

Google Chrome/ChromeOS bug – 189250

http://googlechromereleases.blogspot.in/2013/04/chrome-os-stable-channel-update.html

[189250] High CVE-2013-0927: Unsafe config option loading in Pango. Credit to Pinkie Pie.

http://www.scip.ch/en/?vuldb.8422

The changes are in ChromeOS’s x11-libs/Pango library. You can read the vulnerable code in this location:

https://git.gnome.org/browse/pango/tree/pango/pango-utils.c

static void
read_config (void)
{
  if (!config_hash)
    {
      char *filename;
      … Continue reading

Posted in Chrome, chrome OS, Google

Google Chrome/ChromeOS Bug (14508)

https://code.google.com/p/chromium/issues/detail?id=14508
http://src.chromium.org/viewvc/chrome/trunk/src/net/http/http_chunked_decoder.cc?r1=18687&r2=18686

Root Cause: Signedness error.

commit 9d65ad87c64ec57473b42ed290472ddec99e55c6
Author: abarth@chromium.org <abarth@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>
Date:   Thu Jun 18 04:58:34 2009 +0000

    Improve chunked encoding parsing.

    R=abarth
    BUG=14508
    TEST=HttpChunkedDecoderTest.ExcessiveChunkLen

    Patch contributed by Chris Evans.

    git-svn-id: svn://svn.chromium.org/chrome/trunk/src@18687 0039d316-1c4b-4281-b951-d872f2087c98

$ git rev-list --parents -n … Continue reading

Posted in Chrome, chrome OS, Google

Google Chrome/ChromeOS Bug (227197/227181/227158)

http://googlechromereleases.blogspot.com/2013/04/stable-channel-update-for-chrome-os.html
https://code.google.com/p/chromium/issues/detail?id=227197
https://code.google.com/p/chromium/issues/detail?id=227181
https://code.google.com/p/chromium/issues/detail?id=227158
https://code.google.com/p/chromium/issues/detail?id=196456

You can see all the patches in this link:
http://git.chromium.org/gitweb/?p=chromiumos/overlays/chromiumos-overlay.git;a=commit;h=9181705680e1f53fd1e895ebe84c1b7f18c5c380

Anyway, let’s search the Git log for these bug IDs in the Chrome OS commits and crack each and every bug.

commit 9181705680e1f53fd1e895ebe84c1b7f18c5c380
Author: Josh Horwich <jhorwich@chromium.org>
Date:   … Continue reading

Posted in Chrome, chrome OS, Google

Chrome IPC Internals – Part V

In this part, we will see how to send a message in a synchronous manner. We will send a message to the server and wait for the server to respond.

IPCSyncMessage.h

#pragma once
#define IPC_MESSAGE_START TestMsgStart
// in1 must be false, … Continue reading

Posted in C/C++, Chrome, Cr-48, Internals, Windows VC++

Chrome IPC Internals – Part IV

In this part, we will see how to use IPC::ChannelProxy for sending and receiving messages using the Chrome IPC mechanism.

From the source code (\ipc\ipc_channel_proxy.h)

// IPC::ChannelProxy
// This class is a helper class that is useful when you wish to run an … Continue reading

Posted in C/C++, Chrome, Cr-48, Internals, Windows VC++

Chrome IPC Internals – Part III

We didn’t specify anything about the message ID in the IPC “protocol” header. Did we? Yes, we did specify the message ID, in an indirect manner. In this blog we will answer a few questions.

1) Did we specify message ID?
2) … Continue reading

Posted in C/C++, Chrome, Cr-48, Internals

Chrome IPC Internals – Part II

In this part, we will see how to write a simple client/server component interacting using Chrome IPC. This is a very basic one. I have never found a tutorial to create one such PoC. By extending this, we can use … Continue reading

Posted in C/C++, Chrome, Cr-48, Internals