Samsung Same Origin Policy Bypass (CVE-2017-17692)

The stock internet surfing  application or browser which is pre-installed on all  Android phones is pretentious by a critical flaw, that could be exploited by an attacker to sneak data from browser tabs.

SAME ORIGIN POLICY

In computing, the same-origin policy is an important concept in the web application security model. Under the policy, a web browser permits scripts contained in a first web page to access data in a second web page, but only if both web pages have the same origin. An origin is defined as a combination of URI scheme, host name, and port number. This policy prevents a malicious script on one page from obtaining access to sensitive data on another web page through that page’s Document Object Model.

This mechanism bears a particular significance for modern web applications that extensively depend on HTTP cookies to maintain authenticated user sessions, as servers act based on the HTTP cookie information to reveal sensitive information or take state-changing actions. A strict separation between content provided by unrelated sites must be maintained on the client-side to prevent the loss of data confidentiality or integrity.  (Source : Wikipedia )

This vulnerability is cited in samsung internet browser SOP bypass

The SOP bypass issue was discovered by the security researcher Dhiraj Mishra

SOP bypass example :

Followup :

1. Save the example code as example.html and open it in the browser.
2. Press Click here to redirect
3. The page redirects to http://google.com/abc
4. Which gives a fake pop up to user by saying Enter E-mail and Password
5. Once submitted the username and password is shared back to the parent tab which is sign of SOP bypass

Complete source code for bypassing same origin policy using metasploit

 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s

Blog at WordPress.com.

Up ↑

%d bloggers like this: