I think I might have found a huge exploit #1328
Replies: 5 comments
-
|
also kinda credit to bypassi |
Beta Was this translation helpful? Give feedback.
-
|
first of all why are we using chat gpt 💀? second of all, does this not require bookmarklets? |
Beta Was this translation helpful? Give feedback.
-
|
also i have to add, if the extension in question has a web request listener set up, you can't cancel that via autofill-internals. |
Beta Was this translation helpful? Give feedback.
-
|
chrome://autofill-internals/ don't have access to any chrome.api (i checked myself) |
Beta Was this translation helpful? Give feedback.
-
|
it has chrome.send("TurnOffSync"), the goofy one |
Beta Was this translation helpful? Give feedback.
-
This needs building on, but there is a way to use point blank to redirect pages on chrome://autofill-internals. According to ChatGPT, the page has access to many apis such as chrome.webrequest, used to block sites. This can toggle DNS emulator on a specially crafted page to use opener.chrome to set this up.
Beta Was this translation helpful? Give feedback.
All reactions