Browser Exploits

Browser Exploits¶

Domain name issues¶

https://tkte.ch/articles/2024/03/15/parsing-urls-in-python.html

Reverse Tabnabbing¶

https://www.comparitech.com/blog/information-security/reverse-tabnabbing/

Web Hooks¶

https://hookdeck.com/webhooks/guides/webhooks-security-checklist

Slack Example¶

Request:

POST /services/<webhook url path> HTTP/2
Host: hooks.slack.com
Accept: */*
Content-Type: application/json
Content-Length: 132

{
"channel": "#general",
"username": "<username if available>",
"text": "PWNED"
}

ClickJacking¶

Using Hidden UI elements above to trick a user into clicking on a button or link on another page when they were intending to click on the top level page.

This can be prevented by using
- Content Security Policy: frame-ancestors/frame-src/child-src
- X-Frame-Options

Certificates¶

https://github.blog/2023-08-17-mtls-when-certificate-authentication-is-done-wrong/

Extensions¶

https://book.hacktricks.xyz/pentesting-web/browser-extension-pentesting-methodology