Description: Some web browsers allows local HTML files to read any file from disk. It also allows the use of javascript on the contents of these files which can be used to upload the contents of these files to any remote server. The victim must download the html file and run it locally.
For the full disclosure of the exploit and exploit download is here:
http://www.dark-masters.tk/site/index.php/full-disclosure/2-stealing-files-using-a-malicious-html-file
Tags: Opera , exploit , files ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.
Nice technique, are you able to show the HTML source code?
The HTML source code can be downloaded from the link in the description .