Linux Today: Linux News On Internet Time.

Stealing login details with a Google Chrome extension

Jul 11, 2010, 19:04 (0 Talkback[s])
(Other stories by Andreas Grech)

"The Google Chrome browser allows the installation of third-party extensions that are used to extend the browser to add new features. The extensions are written in JavaScript and HTML and allow manipulation of the DOM, amongst other features.

"By allowing access to the DOM, an attacker can thus read form fields...including username and password fields. This is what sparked my idea of creating this PoC.

"The extension I present here is very simple. Whenever a user submits a form, it tries to capture the username and password fields, sends me an email via an Ajax call to a script with these login details along with the url and then proceeds to submit the form normally as to avoid detection."

Complete Story

Related Stories: