Security protection on Google Chrome


Problem description


Hi,

I am trying to research Google Chrome security. I tried various methods including PE injection, but Google Chrome prevented it. Any idea or link which can give me ideas on how to perform injection into Google Chrome?

Why am I doing this Security Research?

As this thread is suspicious, I want to give a valid reason behind this question: can it be used as a process to serve as a network communication hub? A lot of applications such as uTorrent use these types of methods to communicate without having a digitally signed certificate.

Solution

Hi,

Google Chrome is not too difficult to inject into, although I strongly advise you against this, as doing so can cause injection failures (if performing a code injection) if any structures are left uninitialized; moreover, AV will flag your application as "Malware" through their heuristic engines.

As for technical details, visit my blog: [Removed]

Do be aware that even performing a DLL injection into an application such as Google Chrome's process/memory space can result in failure, even with DLL injection (the most stable method), as these techniques vary with the version.

The general rule of thumb for this is: the older the better, the newer the harder. If there is a newer version of Google Chrome which patched this, it is bound to fail. It all boils down to the technique you use. To wrap this up, buying a certificate is more or less easier than using techniques which have a fifty-fifty chance of success.

Snippet of DLL Injection method:

// Rohan Vijjhalwar - MSDN
#include <Windows.h>

int WinMain(HINSTANCE hInstance,HINSTANCE hPrevInstance,LPSTR lpCmdLine,int nCmdShow){
    char ie[MAX_PATH];   // path of the executable to start
    char dll[MAX_PATH];  // DLL path, taken from the command line
    GetEnvironmentVariable("programfiles",ie,sizeof(ie));
    strcat(ie,"\\Gcogle\\Chrome\\Application\\chrome.exe");
    strcpy(dll,lpCmdLine);
    STARTUPINFO si;
    PROCESS_INFORMATION pi;
    ZeroMemory(&si,sizeof(si));
    ZeroMemory(&pi,sizeof(pi));
    // Start the target process
    CreateProcess(NULL,ie,NULL,NULL,false,0,NULL,NULL,&si,&pi);
    // Allocate a buffer in the target and copy the DLL path into it
    HANDLE baseAddress=VirtualAllocEx(pi.hProcess,NULL,256,MEM_COMMIT,PAGE_READWRITE);
    WriteProcessMemory(pi.hProcess,baseAddress,dll,sizeof(dll),NULL);
    // Remote thread whose start address is LoadLibraryA and whose argument is the copied path
    CreateRemoteThread(pi.hProcess,NULL,0,(LPTHREAD_START_ROUTINE)GetProcAddress(GetModuleHandle("kernel32"),"LoadLibraryA"),baseAddress,0,NULL);
    Sleep(100);
    // Terminates the target's primary thread
    TerminateThread(pi.hThread,0);
    return 0;
}

Until Next Time,

Rohan Vijjhalwar
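
A defender-side view of the snippet above, as an added example that is not part of the original post: the remote thread it creates starts directly at LoadLibraryA, which is one signal a detection rule can key on. The records below are constructed, with field names modelled on Sysmon Event ID 8 (CreateRemoteThread); the function names, paths and PIDs are assumptions.

```python
import ntpath

# Constructed sample records (not real telemetry). Field names modelled on
# Sysmon Event ID 8 (CreateRemoteThread); paths and PIDs are invented.
SAMPLE_EVENTS = r"""
SourceProcessId: 4120
SourceImage: C:\Users\lab\Desktop\loader.exe
TargetProcessId: 5336
TargetImage: C:\Program Files\Google\Chrome\Application\chrome.exe
StartModule: C:\Windows\System32\kernel32.dll
StartFunction: LoadLibraryA

SourceProcessId: 812
SourceImage: C:\Windows\System32\csrss.exe
TargetProcessId: 6020
TargetImage: C:\Windows\System32\cmd.exe
StartModule: C:\Windows\System32\kernel32.dll
StartFunction: CtrlRoutine
"""

LOADER_FUNCS = {"loadlibrarya", "loadlibraryw", "loadlibraryexa", "loadlibraryexw"}
LOADER_MODULES = {"kernel32.dll", "kernelbase.dll"}

def parse_events(text):
    """Split blank-line separated 'Key: value' records into dicts."""
    events = []
    for block in text.strip().split("\n\n"):
        fields = {}
        for line in block.splitlines():
            key, sep, value = line.partition(": ")
            if sep:
                fields[key.strip()] = value.strip()
        events.append(fields)
    return events

def is_loadlibrary_injection(ev):
    """True when a cross-image remote thread starts at a LoadLibrary* export."""
    module = ntpath.basename(ev.get("StartModule", "")).lower()
    func = ev.get("StartFunction", "").lower()
    cross = ev.get("SourceImage", "").lower() != ev.get("TargetImage", "").lower()
    return cross and module in LOADER_MODULES and func in LOADER_FUNCS

def find_injections(text, target_name="chrome.exe"):
    """Return (source image, source pid, target pid) for hits on target_name."""
    hits = []
    for ev in parse_events(text):
        target = ntpath.basename(ev.get("TargetImage", "")).lower()
        if target == target_name and is_loadlibrary_injection(ev):
            hits.append((ev["SourceImage"], int(ev["SourceProcessId"]), int(ev["TargetProcessId"])))
    return hits
```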




