Security: Chrome Extension security bug supplanting login form and taking information to steal account
Reported by esteveca...@gmail.com, Oct 6
Issue description

VULNERABILITY DETAILS

I found this bug using a Chrome Extension called Grepsr: https://chrome.google.com/webstore/detail/grepsr-web-scraping-tool/hjdijkhlfpeafghibmiabeofkiicdnjm

Using this extension, you can scrape any webpage. I was testing it in a service where I had my login information, and they seemed to be able to supplant the actual webpage and take my login credentials to log in to their tool. This made them able to take my credentials and steal my account. It can be seen in the following video: https://www.youtube.com/watch?v=DWRD3yA2cXI

VERSION

Chrome Version: Versión 69.0.3497.100 (Build oficial) (64 bits)
Operating System: Mac High Sierra 10.13.6 (17G65)

REPRODUCTION CASE

1. Install Grepsr Account
2. Go to a website where you have a login account with autofill from Chrome
3. Use the extension until they ask you to log in to their platform
4. See that they take your autofill password and, if you don't look carefully, you can log in with those details, so the request goes to the server and they have your info.

Can be seen here: https://www.youtube.com/watch?v=DWRD3yA2cXI

CREDIT INFORMATION

Reporter credit: Esteve Castells Calpe
Jan 15

This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Comment 1 by jialiul@chromium.org, Oct 8