back in 2022 i found a bug that would let me, with no user interaction, turn any chromium-based browser into a permanent js botnet member

in edge, you wouldn't even notice anything out-of-place, and would stay connected to the c2 even after closing the browser

today, almost 4 years later, the bug is finally public:
https://issues.chromium.org/issues/40062121

OH NO I JUST REALIZED THIS IS NOT ACTUALLY PROPERLY FIXED AND STILL WORKS 💀💀

even worse, edge no longer even makes the download menu pop up, so it's completely silent js rce that keeps running even after you close the browser !!

all from just visiting a single website once !!

@rebane2001 Is this what they call a 1259 day?
@henry_null @rebane2001 Cue Microsoft issuing a press release accusing Rebane of "violating coordinated vulnerability best practices." They've barely had time to react, after all...
@EdCates @rebane2001 I mean it's them who made it public first I guess 🤷 https://issues.chromium.org/issues/40062121#comment56