Hacker Bypassed Google’s Password Alert Extension
Google acted quickly and released an update for Password Alert (version 1.4) to prevent Moore’s bypass from working. Users who have installed the extension are advised to go to chrome://extensions/, enable developer mode, and click “Update extensions now”.
How It Works
The researcher said, “Lines 3 & 7 (setInterval) tell the UA to carry out what’s inside the function every 5 milliseconds.”
“Line 4 checks to see if the warning_banner (the window which the Password Alert plugin creates when it finds a phishing site) exists. This line isn’t strictly necessary, but to hide any errors which may alert the user, it’s included.”
“Line 5 searches the DOM for an element with an ID of ‘warning_banner’ and removes it. Basically, the script runs every 5 milliseconds, searches the page for instances of Google’s warning screen and simply removes it. That’s it. Technically, the warning window still appears… but it disappears so quickly, the user wouldn’t know.”
[Video: demonstration of the bypass]
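From the defender's side, the pattern the researcher describes (a repeating timer that looks up the element with ID ‘warning_banner’ and removes it) can be flagged when triaging a suspected phishing page. The following JavaScript is an added example, not code from the article, the researcher or Password Alert; the function name `scanScript`, the regex heuristics and both sample scripts are assumptions constructed for illustration.

```javascript
// Added example: heuristic scan of page script for tampering with an
// extension warning element. Only the ID "warning_banner" comes from the
// article; function names, patterns and samples are assumptions.
const BANNER_ID = "warning_banner";

// DOM operations that remove or hide an element.
const REMOVAL_OPS =
  /\.remove\s*\(|removeChild\s*\(|\.style\.(display|visibility|opacity)\s*=|\.hidden\s*=/;
// Mechanisms that re-run code on a timer or on every DOM change.
const REPEATERS = /\b(setInterval|requestAnimationFrame|MutationObserver)\b/;

function scanScript(source, bannerId = BANNER_ID) {
  const escaped = bannerId.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
  // The ID as a quoted string, with or without a leading '#' (CSS selector).
  const referencesBanner = new RegExp("['\"`]#?" + escaped + "['\"`]").test(source);
  const removes = REMOVAL_OPS.test(source);
  const repeats = REPEATERS.test(source);
  // Literal delay argument of setInterval(fn, N), if present.
  const m = /setInterval\s*\([\s\S]*?,\s*(\d+)\s*\)/.exec(source);
  const intervalMs = m ? Number(m[1]) : null;

  let verdict = "none";
  if (referencesBanner && removes) verdict = repeats ? "high" : "medium";
  else if (referencesBanner) verdict = "low"; // page knows the ID; review by hand
  return { verdict, referencesBanner, removes, repeats, intervalMs };
}

// Constructed samples (not captured from any real site).
const SAMPLE_TAMPERING = `
setInterval(function () {
  var banner = document.getElementById("warning_banner");
  if (banner) { banner.remove(); }
}, 5);`;

const SAMPLE_BENIGN = `
setInterval(function () {
  document.getElementById("clock").textContent = new Date().toLocaleTimeString();
}, 1000);
document.getElementById("cookie_notice").remove();`;

console.log(scanScript(SAMPLE_TAMPERING));
console.log(scanScript(SAMPLE_BENIGN));
```

String matching of this kind is a triage aid only: obfuscated or dynamically built script will not match, so a "none" verdict does not clear a page.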