module
Android Open Source Platform (AOSP) Browser UXSS
| Disclosed | Created |
|---|---|
| N/A | 2018-05-30 |
Disclosed
N/A
Created
2018-05-30
Description
This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in
all versions of Android's open source stock browser before 4.4, and Android apps running
on to scrape both cookie data and page contents from a vulnerable browser window.
If your target URLs use X-Frame-Options, you can enable the "BYPASS_XFO" option,
which will cause a popup window to be used. This requires a click from the user
and is much less stealthy, but is generally harmless-looking.
By supplying a CUSTOM_JS parameter and ensuring CLOSE_POPUP is set to false, this
module also allows running arbitrary javascript in the context of the targeted URL.
Some sample UXSS scripts are provided in data/exploits/uxss.
all versions of Android's open source stock browser before 4.4, and Android apps running
on to scrape both cookie data and page contents from a vulnerable browser window.
If your target URLs use X-Frame-Options, you can enable the "BYPASS_XFO" option,
which will cause a popup window to be used. This requires a click from the user
and is much less stealthy, but is generally harmless-looking.
By supplying a CUSTOM_JS parameter and ensuring CLOSE_POPUP is set to false, this
module also allows running arbitrary javascript in the context of the targeted URL.
Some sample UXSS scripts are provided in data/exploits/uxss.
Authors
Rafay Baloch
joev joev@metasploit.com
joev joev@metasploit.com
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands ‘show options’ or ‘show advanced’:
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.