Riadh Bouchahoua
An offensive security engineer with experience in penetration testing and tool development, with a background in web development.
Session
This presentation introduces a stealthy technique for injecting arbitrary extensions into Chromium-based browsers by manipulating the Preferences file.
The method, which remains relatively obscure, expands on the groundwork laid by Pablo Picazo-Sanchez, Gerardo Schneider, and Andrei Sabelfeld in their 2020 whitepaper.
The presentation focuses on refining and enhancing this approach to circumvent recent security measures implemented in the latest Chromium versions. It demonstrates the automation of this process through an exploitation script and showcases various post-exploitation attacks that leverage the Chromium API, which permits:
- Stealing cookies and localStorage credentials
- Retrieving the navigation history
- Partial access to the file system
- And much more ...