
Hijacking Opera’s Native Page using malicious RSS payloads

Despite the relative popularity of browsers such as Google Chrome, Internet Explorer, and Safari, which are native to their respective companies' operating systems (i.e. Apple OSX, Windows 8, etc.), lesser-known browsers still seem prone to malicious control and software manipulation.

Opera Browser, 2nd fastest at 174.4 ms and narrowly behind Safari, apparently has an exploitable flaw.

Malicious users can now gain full control of a target user's Opera browser. The delivery method? RSS.

The target is in some way persuaded to visit an RSS link. As Opera finishes loading the URL, “being Javascript in various RSS feed entries gets executed in the context of the calling site… [then] the untrusted rss feed content lands up in the Opera’s Feed Subscription Page.”

Once the target's browser processes the attacker's JavaScript in the feed subscription page, the attacker gains control of Opera and its functions. Unfortunately, it seems Opera went only half the distance when it considered the problem and concluded that untrusted content was best beaten back by permitting only certain HTML tags. As a result, XSS attacks used by malicious users do not have the same effect.
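
The page does not say what Opera's tag allowlist missed. As an added example (not Opera's code and not from the original post), the sketch below shows why allowing "only certain HTML tags" is a half measure for untrusted feed content and what a fuller check looks like; the tag list, attribute list, function names and sample entry are assumptions.

```javascript
// Added example, not Opera's code. Tag and attribute lists are assumptions.
const ALLOWED_TAGS = new Set(['p', 'b', 'i', 'em', 'strong', 'a', 'ul', 'ol', 'li', 'br']);
const ALLOWED_ATTRS = { a: new Set(['href']) };
const SAFE_URL = /^(?:https?:|mailto:)/i; // allowlist of schemes, not a blocklist

const escapeHtml = (s) => s.replace(/[&<>"']/g, (c) =>
  ({ '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' }[c]));

// Half measure: checks only the tag name and passes the tag through verbatim,
// so attributes on an allowed tag are never inspected.
function tagOnlyFilter(html) {
  return html.replace(/<\/?([a-zA-Z][a-zA-Z0-9]*)\b[^>]*>/g, (tag, name) =>
    (ALLOWED_TAGS.has(name.toLowerCase()) ? tag : ''));
}

// Keep only allowlisted attributes, and only allowlisted URL schemes in href.
function rebuildAttrs(tagName, attrText) {
  const allowed = ALLOWED_ATTRS[tagName] || new Set();
  const ATTR = /([^\s"'<>=\/]+)(?:\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'<>]+)))?/g;
  let out = '';
  for (const m of attrText.matchAll(ATTR)) {
    const attr = m[1].toLowerCase();
    const value = m[2] ?? m[3] ?? m[4] ?? '';
    if (!allowed.has(attr)) continue; // drops on* handlers, style, etc.
    if (attr === 'href' && !SAFE_URL.test(value)) continue;
    out += ` ${attr}="${escapeHtml(value)}"`;
  }
  return out;
}

// Rebuild the output from parsed pieces: unknown tags are dropped, all text is
// escaped. Entities already in the input display double-escaped (safe, not pretty).
function sanitizeEntry(html) {
  const TAG = /<(\/?)([a-zA-Z][a-zA-Z0-9]*)((?:"[^"]*"|'[^']*'|[^"'>])*)>/g;
  let out = '', last = 0;
  for (const m of html.matchAll(TAG)) {
    out += escapeHtml(html.slice(last, m.index));
    last = m.index + m[0].length;
    const name = m[2].toLowerCase();
    if (!ALLOWED_TAGS.has(name)) continue; // tag dropped, inner text stays inert
    out += m[1] ? `</${name}>` : `<${name}${rebuildAttrs(name, m[3])}>`;
  }
  return out + escapeHtml(html.slice(last));
}

// Constructed feed entry body for illustration.
const SAMPLE_ENTRY = '<p>Notes</p><script>x()</script>'
  + '<a href="https://example.org/p" onclick="x()">read</a> <a href="javascript:x()">more</a>';
console.log(tagOnlyFilter(SAMPLE_ENTRY) + '\n' + sanitizeEntry(SAMPLE_ENTRY));
```

In a real feed reader a maintained HTML sanitizer and a restrictive Content Security Policy on the subscription page are preferable to hand-written parsing.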

So users, be aware of the developments out there, and educate yourself to get the most out of your browser.
