One Article Review

Home - The article:
Source RedTeam PL
Identifier 1798878
Publication date 2020-06-24 00:15:32 (seen: 2020-07-09 15:05:42)
Title Google Chrome fuzzing conclusion
Text Background: This post will be a summary of a small fuzzing exercise that I was running over the course of a few months (from May 2019 to March 2020) where the focus was mostly on experimental and non-default features of the Google Chrome browser. As described in the first blog post [https://blog.redteam.pl/2019/12/chrome-portal-element-fuzzing.html], domato [https://github.com/googleprojectzero/domato] was used for test case generation due to the reason I wanted to start as soon as possible. Initially it was only about the <portal> element. However, various other features were added to the fuzzing grammar over time with some of them providing good results as well. Results
Sent Yes
Tags Vulnerability
Stories
Notes
Move


The article does not appear to have been picked up after its publication.


The article does not appear to have been picked up from a previous one.