YoVDO

Breaking Microsoft Edge Extensions Security Policies

Offered By: media.ccc.de via YouTube

Tags

Conference Talks Courses, Cybersecurity Courses, Javascript Courses, Privilege Escalation Courses, Browser Security Courses, Microsoft Edge Courses, Content Security Policy (CSP) Courses

Course Description

Overview

Explore critical security vulnerabilities in Microsoft Edge browser extensions in this 30-minute conference talk from the 36C3 event. Dive into the intricacies of browser extension permissions, focusing on host access permissions and their potential for exploitation. Learn how researchers discovered methods to bypass these permissions, allowing malicious extensions to access sensitive data across various websites and even local system files. Understand the implications of this security flaw, which led to the assignment of CVE-2019-0678. Follow the speaker's journey through extension implementation, manipulation of the Tabs API, exploitation of the JavaScript protocol, and escalation of Content Security Policy privileges. Gain insights into how these vulnerabilities could lead to unauthorized access to emails, local files, and internal browser settings. Discover the potential risks associated with browser extensions and the importance of robust security measures in protecting user privacy and data.

Syllabus

Intro
Browser Extensions
Permission Model In Extensions
Host Access Permissions
Sample Extension
Load Local Files & Privileged Pages
JavaScript Protocol
Host Permission Bypass
Stealing Google Emails
Stealing Local Files
Changing internal dev settings
Enabling/Disabling Adobe Flash Player
Edge Reading Mode
Other Extensions Internal Pages
CSP Privileges Escalation


Taught by

media.ccc.de
