- рдлрд┐рд▓реНрдо рдФрд░ рдПрдирд┐рдореЗрд╢рди
- рд╕рдВрдЧреАрдд
- рдкрд╛рд▓рддреВ рдкрд╢реБ
- рдЦреЗрд▓
- рдпрд╛рддреНрд░рд╛ рдФрд░ рдХрд╛рд░реНрдпрдХреНрд░рдо
- рдЬреБрдЖ
- рд▓реЛрдЧ рдФрд░ рдмреНрд▓реЙрдЧ
- рдХреЙрдореЗрдбреА
- рдордиреЛрд░рдВрдЬрди
- рд╕рдорд╛рдЪрд╛рд░ рдФрд░ рд░рд╛рдЬрдиреАрддрд┐
- рдордиреЛрд╣рд░ рдврдВрдЧ рд╕реЗ рдХреИрд╕реЗ рдХрд░реЗрдВ
- рдЧреИрд░-рд▓рд╛рднрдХрд╛рд░реА рдФрд░ рд╕рдХреНрд░рд┐рдпрддрд╛
- рдЕрдиреНрдп
this browser hack can steal everything
Breaking down this insane Polymorphic Browser Extension hack
I demo that showcases a sophisticated technique involving polymorphic browser extensions. This method highlights the potential risks posed by browser extensions with extensive permissions, demonstrating how a malicious extension can masquerade as a legitimate one like 1Password to steal sensitive information.
00:00 Introduction to a Jaw-Dropping Hacking Demo
00:42 Understanding Polymorphic Extensions
02:04 Phases of the Attack
03:40 Live Demo of the Attack
06:36 Personal History and Early Research
10:09 Real-World Examples and Implications
12:46 Security Recommendations and Conclusion
The Polymorphic Extension research - https://labs.sqrx.com/polymorp....hic-extensions-dd231
My 2011 BlackHat talk - https://youtu.be/KiE6VNjW8ic?si=AijtpDbuatMA2rAR
MY OTHER SOCIALS
ЁЯМОWebsite / Blog https://www.vulnu.com/
ЁЯУ░Newsletter / https://www.vulnu.com/subscribe/
ЁЯУ╖ Instagram / https://www.instagram.com/mattjayy
ЁЯРжTwitter / https://x.com/mattjay
ЁЯФЧLinkedIn / https://www.linkedin.com/in/matthewjohansen/
ЁЯжЛ Bsky / https://bsky.app/profile/mattjay.com
ABOUT ME
In case we havenтАЩt met yet, IтАЩm your friendly neighborhood security guy ЁЯСЛ I'm a computer security veteran who has helped defend startups, the biggest financial companies in the world, and everything in between. Through my podcast, free newsletter, and YouTube channel, I bring you curated cyber security news and personal and professional growth with a mental health cherry on top.
