C4 Bomb: Blowing Up Chrome’s AppBound Cookie Encryption
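Chrome's AppBound cookie encryption mechanism has a vulnerability: its key derivation process uses limited entropy and predictable inputs. An attacker can generate the possible keys and brute-force the correct one, decrypting all AppBound-protected cookies without privileges or code execution and breaking the isolation it is meant to provide in enterprise environments.

2025-6-30 17:10:30 Author: www.reddit.com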

Disclosure: I work at CyberArk

The research shows that Chrome’s AppBound cookie encryption relies on a key derivation process with limited entropy and predictable inputs. By systematically generating possible keys based on known parameters, an attacker can brute-force the correct encryption key without any elevated privileges or code execution. Once recovered, this key can decrypt any AppBound-protected cookies, completely undermining the isolation AppBound was intended to provide in enterprise environments.


Article source: https://www.reddit.com/r/netsec/comments/1lod5nx/c4_bomb_blowing_up_chromes_appbound_cookie/