Remote Code Execution without Sandbox Escape

  • To provide a testing environment for this vulnerability, Chrome will be launched without the sandbox feature: chrome.exe --no-sandbox.
  • The researcher's URL will be accessed. This URL must be reachable from the phone: your laptop or USB key must contain a payload that is served by a web server (yours or one provided by us).
  • Code will be executed as a result of accessing this URL.
  • This will be the only interaction allowed with Chrome (entering the URL and opening it). Any additional popup or question presented to the user will be considered a social engineering vulnerability and will not qualify as an RCE.
