Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections: Blog - Developer - High Performance - Infrastructure - IT Management - Security - Storage -
Linux Today Navigation
LT Home
Preferences
Contribute
Link to Us
Search
Linux Jobs

Linux Today
Enterprise Linux Today
Apache Today
JustLinux.com
Linux Planet
PHPBuilder
All Linux Devices
Technology Jobs

JustTechJobs.com

LinuxToday Newsletters
Server Daily
IT Management Daily
Subscribe News
Subscribe PR
Subscribe Security

internet.com
Internet News
Small Business

Advertise
Newsletters
Tech Jobs
E-mail Offers

 










Current Newswire:

Python4Kids New Tutorial: Welcome back, Class Recap

Controlling Liquor Loss with Linux

Chrome Web Browser Finally Comes to Android Phones, Tablets

The Best Cloud Music Options for the Linux Desktop

The Secret to Red Hat's Billion-Dollar Success: Everyone's The Boss

NGINX Adds Support for Open Source Web Server

SUSE hits the big 2-0

A Look at 3D Printing and Open Source

Creating a vDSO: the Colonel's Other Chicken

LibreOffice developer shows prototype Android and HTML5 ports



Applications Management Engineer Sr (NYC)
Next Step Systems
US-NY-New York

Justtechjobs.com Post A Job | Post A Resume
:Stealing login details with a Google Chrome extension
Stealing login details with a Google Chrome extension
Jul 11, 2010, 19 :04 UTC (0 Talkback[s]) (8003 reads)
(Other stories by Andreas Grech)

"The Google Chrome browser allows the installation of third-party extensions that are used to extend the browser to add new features. The extensions are written in JavaScript and HTML and allow manipulation of the DOM, amongst other features.

"By allowing access to the DOM, an attacker can thus read form fields...including username and password fields. This is what sparked my idea of creating this PoC.

"The extension I present here is very simple. Whenever a user submits a form, it tries to capture the username and password fields, sends me an email via an Ajax call to a script with these login details along with the url and then proceeds to submit the form normally as to avoid detection."

Complete Story

Related Stories:
Google Chrome Knows Which Way Is Up Now(Jul 07, 2010)
Chrome OS In Q4 - Is It Time to Bid External Storage Goodbye?(Jun 23, 2010)
Why Can't We All Use Chromium Instead of Google Chrome?(May 26, 2010)
Google Chrome 5 Hits Stable Status on Linux, Mac(May 26, 2010)



No talkbacks posted.
  Home | Search Talkbacks | Customize View    Top of Page  



Enter your comments below:

* Your Name:

* Your Email Address:

* Subject:

CC: [will also send this talkback to an E-Mail address]

* Comments:

Tags allowed:<I>,<B> and <U>. See our talkback-policy for more about talkback content.

Fields marked with * are required!

..............................




All times are recorded in UTC.
Linux is a trademark of Linus Torvalds.
Powered by Linux, Apache and PHP