Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1110 CNY

100%
Buy Us a Coffee

CVE-2017-17692 PoC — Samsung Internet Browser 安全漏洞

Source
https://github.com/specloli/CVE-2017-17692
Associated Vulnerability
Title:Samsung Internet Browser 安全漏洞 (CVE-2017-17692)
Description:Samsung Internet Browser 5.4.02.3 allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via crafted JavaScript code that redirects to a child tab and rewrites the innerHTML property.
Readme
# CVE-2017-17692

### Exploit Title: SOP Bypass
### Date: 06 Septmber 2017
### Software Link: https://play.google.com/store/apps/details?id=com.sec.android.app.sbrowser&hl=en
### Exploit Author: Dhiraj Mishra
### Contact: http://twitter.com/mishradhiraj_
### Website: http://datarift.blogspot.in/
### Category:  Browser

Video PoC: https://youtu.be/x8f-tQaZriQ

## DEMO https://lr3800.github.io/CVE-2017-17692/Demo.html

2. Samsung reply

Dear Dhiraj,

 

We would like to thank you for sharing a potential security issue for Samsung mobile device.

We looked into the issue and found that the issue was already patched.

The patch is already preloaded in our upcoming model Galaxy Note8, and the application will be updated via Apps store update in October.

Thank you very much in advance for your cooperation.

 

Very Respectfully,
Samsung Mobile Security
File Snapshot

 [4.0K]  /data/pocs/125fecc2c75b537f9b7dde297cdb4714ff0c535a
├── [9.5K]  Demo.html
└── [ 860]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →