New issue
Advanced search Search tips

Issue 648019 link

Starred by 1 user
Status: Duplicate
Owner: ----
Closed: Sep 2016
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: ----
Type: Bug-Security

Restricted
  • Only users with Google permission may make changes.



Sign in to add a comment

Security: Undetectable Phishing Page

Reported by vrhackso...@gmail.com, Sep 18 2016 
Hello Google,

We are the owners of the website VRHACKS (http://vrhacks.wixsite.com/vr-hacks).
we have found a security bug in the google chrome. This bug is about the un-
detection of the phishing page which can be used to steal all credentials
information for any purpose like account details of any social accounts.

As far chrome always detect any phishing page or harmful website which is not
secure to access, but regardless we have found a vulnerability in the script
code which can be easily hosted on any web hosting website and through which the
credentials details can be stolen.

We have attached the files which can be hosted on hosting account and can be
used to steal credentials details. we have also attached the screen shot of the
the website which we have made for test. (http://exploitchecktest.comxa.com/)


We have not used this exploit for any other purpose and we wish that google
fixes this bug as soon as possible so that no other person or hacker can use it
for harmful purpose.


We are the students having interest in technology and other security researches.
we wish that you verify this bug and give us rewards under the google chrome
rewards programme.

Thanks,
VRHACKS
index.php
6.4 KB View Download
fake.php
276 bytes View Download
Webpage Exploit.JPG
50.3 KB View Download

Comment 1 by elawrence@chromium.org, Sep 19 2016

Mergedinto: 648016
Status: Duplicate (was: Unconfirmed)
This appears to be an accidental duplicate of 648016. Please reply back if not.

Comment 2 by vrhackso...@gmail.com, Sep 20 2016 

Hello I am the founder of this bug actually the bug which you are telling 648016 was actually send by us but when we had submitted it finally the bug did not listed in the issues list so we had submitted it again if you want.....the originally this bug is founded by us VRHACKS (vrhacksofficial@gmail.com)

Comment 3 by vrhackso...@gmail.com, Sep 23 2016 

Hello there is no reaction regarding this issue...

Comment 4 by elawrence@chromium.org, Sep 23 2016 

This bug is identical to issue 648016, which remains active. In https://bugs.chromium.org/p/chromium/issues/detail?id=648016#c1 we have requested more information; please follow up there.

Comment 5 by vrhackso...@gmail.com, Sep 23 2016 

This issue is not able to watch it says user is not allowed

Comment 6 by vrhackso...@gmail.com, Sep 23 2016 

Please give your response on this issue because that issue is not been able to see...

Comment 7 by elawrence@chromium.org, Sep 26 2016 

You filed the other bug using a different account. I'll CC you on that bug.

Comment 8 by vrhackso...@gmail.com, Sep 26 2016 

Hello....the vrhacks@hotmail.com is been changed to vrhacksofficial@gmail.com
So please reply on this bug here

Comment 9 by elawrence@chromium.org, Sep 27 2016

Labels: Restrict-EditIssue-Google
This duplicate bug is closed; vrhacksofficial@gmail.com was added to the CC list for 648016; please answer the questions in that issue.

Comment 10 by vrhackso...@gmail.com, Sep 27 2016 

Okay we will soon answer the question...
Project Member

Comment 11 by sheriffbot@chromium.org, Dec 27 2016

Labels: -Restrict-View-SecurityTeam allpublic
This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Sign in to add a comment