slonser Profile
slonser

@slonser_

Followers
2K
Following
161
Statuses
84

@C4TBuTS4D CTF team. Security Researcher at Solidlab. Web3 research at @neploxaudit

Joined December 2023
@slonser_
slonser
27 days
In 2024, I interacted a lot with Extensions. I decided to create a resource that will help with a basic understanding of extensions and key attacks. P.S. I tried to make everything as clear as possible and hope it won’t feel too overwhelming anywhere.
11
94
315
@slonser_
slonser
17 hours
Therefore, you can simply insert > and load your resource. This is useful in cases where the header is set only for successful search queries, as it allows performing an XS-Leak attack.
0
0
5
@slonser_
slonser
3 days
@WeizmanGal Some of the examples that will be shown and the anti-patterns of development are applicable to Metamask; however, Metamask is quite secure and one of the few wallets where a complete exploitation chain could not be achieved. ;)
1
1
11
@slonser_
slonser
3 days
As always, top-notch! You must read this!
@kevin_mizu
Kévin GERVOT (Mizu)
3 days
I'm very happy to finally share the second part of my DOMPurify security research 🔥 This article mostly focuses on DOMPurify misconfigurations, especially hooks, that downgrade the sanitizer's protection (even in the latest version)! Link 👇 1/2
0
0
12
@slonser_
slonser
8 days
Small writeup on my 0day at Casdoor (not fixed yet): Abusing open redirect via PWA protocol handlers
2
27
102
@slonser_
slonser
8 days
@xvonfers Sounds interesting 😸
0
0
0
@slonser_
slonser
9 days
Great talks! I'm happy that @kevin_mizu's research made it into the top 10—he deserves it. A bit sad that I didn’t make it into the top 10, though. It seems that research related to Chrome isn’t very interesting to the community, so maybe I should try something different in 2025.
@PortSwiggerRes
PortSwigger Research
9 days
The results are in! We're proud to announce the Top ten web hacking techniques of 2024!
4
1
50
@slonser_
slonser
22 days
RT @d4d89704243: Introducing the Cookie Sandwich, a tasty technique to steal HttpOnly cookies using legacy RFC features:
0
85
0
@slonser_
slonser
23 days
@hackermondev So cool research! Thanks for sharing
0
0
0
@slonser_
slonser
25 days
@kinugawamasato Yeah, I know, I accidentally sent an unfinished example to the server while uploading another update :) I'm working on adapting a real example to make it less bulky and to avoid getting penalized for disclosure. Sorry about that.
0
0
2
@slonser_
slonser
26 days
@RenwaX23 Hmmm, in my cases it didn’t cause any issues, but thank you! I’ve added a note about it to the article.
1
0
1
@slonser_
slonser
26 days
@kinugawamasato Hi! Yes, in this case, it really isn't necessary. My mistake—I tried to oversimplify the example to make it easier to understand XD I am going to update the article with a different example, thanks for your help!
1
0
4
@slonser_
slonser
26 days
@TheGrandPew Yes, I didn’t phrase it quite correctly. Initially, I meant it in the context of rewriting the document object. I will revise the article and elaborate on this point in more detail. Thank you for your help!
0
0
2
@slonser_
slonser
27 days
RT @neploxaudit: Can you find an error in the following Chrome extension content scripts? If not, you might want to check out our knowledge…
0
3
0
@slonser_
slonser
27 days
Also added a mini writeup on my Chrome CVE-2024-10229 here -
1
4
23
@slonser_
slonser
29 days
@albinowax @kobi_hk Therefore, if you have access to modify headers (and can insert an arbitrary content-type), it's game over. You simply gain control over the Service Worker.
1
0
3
@slonser_
slonser
29 days
@kevin_mizu But there's a chance that the first part will make it into the top of 2024, and the second one into the top of 2025 XD
1
0
1