
Manuel Caballero
@magicmac2000
Independent Security Researcher. Perpetual Student of Life :)
Buenos Aires, Argentina
Joined March 2009
MS Edge - Address Bar Spoof - https://t.co/uus2UX7h3p Tested on: MS Edge 42.17134.1.0 Thanks @knowledge_2014, your question inspired me to test a bit and stumbled upon this bug.
IE11 - Find out where the user is going AND what she typed into the address-bar. https://t.co/wzNFI0owkW Video: https://t.co/hbAci4mBaz
June's update: all SOP bypasses patched, but the "reading-mode" one, IMO, incomplete. See the screenshot below, @msftsecresponse Thanks!
If anyone "exploits" Edge in a sec. conf, demand her to open cmd.exe instead of calc.exe. The latter can be opened without vulns at all.
@msftsecurity @googlechrome 8 days later, Chrome is patched. Issue will become public soon [ https://t.co/k20Z41m7Kh ] From MSRC? Just the default thanks message.
IE11 - popUp blocker bypass - Combined with zombie alerts? popUps from everywhere! https://t.co/e3UWruG46z Video: https://t.co/rXK9YaHqya
Same issue sent to both @msftsecurity and @googlechrome. Instead of testing the browser speed, let's check the patching time speed! 🐰 vs 🐢?
MS Edge - UXSS/SOP bypass. [Open/Redirect/Data]. Steal cookies, passwords and more. https://t.co/xdoUncPvs3 Video: https://t.co/f15lRUkNKj
The Intranet bug was patched, but both UXSS/SOP bypasses are still alive. Also another one is coming out soon. "Bounty" ends next week.
MS Edge - Spoofing the Malware Page was patched today *and bypassed* again. Spoof the user again! (1 byte change) https://t.co/KlMyXdhT8C
I didn't know that in Intranet Zone, Edge automatically opens xaml/xbap files out of the AppContainer. Interesting to jmp from Edge to IE.
UXSS/SOP bypass in several programs that use the Trident engine. The IE Tab extension for Chrome is an example. https://t.co/4HQCiZvMf0
MS Edge - UXSS/SOP bypass. A different method which brings us even more bugs other than UXSS. Blog once the previous ones (2) are patched
MS Edge - SOP bypass / UXSS - "Tweeting like Charles Darwin" 🤣 https://t.co/X1e0mlzpf4 One minute video: https://t.co/Uh7twHGGYT
Another (different!) Microsoft Edge SOP bypass on the same week! Bug hunter: I will blog on the weekend. Thanks for your patience!
MS Edge - SOP bypass abusing of the reading mode view. Spoof the user! Courtesy of the read: pseudo-protocol 🤣 https://t.co/Ms1PoYxgJP
Microsoft Edge - Detecting Installed Extensions from JS A generic method that works without manifest cooperation. 🤣 https://t.co/nHEAAoHKg1
MS Edge - Defeating the popUp blocker, the XSS filter and SuperNavigate with our fake ticket to the Intranet Zone 🤣 https://t.co/vL61RlLQt3
MS Edge Referrer Spoof - How to spoof the referrer even after MS patch. (also, inject an iframe everywhere) https://t.co/KUoDZRJTix
UXSS/SOP bypass on IE: more adventures in a domainless world, thanks to incomplete and non-backported patches. https://t.co/xsNSckne4O