Resources

People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!

How Cross-Site Frame Counting Exposes Private Repositories on GitHub - 1236

medi - Posted 2 Years Ago
  • Cross-site frame counting is a technique for counting the number of window references (iFrames) on an external website. This is not a vulnerability by itself but can be used to leak private information. For instance, if a site renders an iFrame when a user is logged in and no iFrame when they are not, the frame count leaks that the user is logged in.
  • While testing the VS-Codespaces integration with GitHub, the author noticed a quirk about the iFrames:
    • 2 iFrames: The private repository exists but the file does not.
    • 1 iFrame: The private repository and the file both exist.
    • 0 iFrames: The private repository does not exist.
  • So, we can determine the state of a user based upon the number of frames. Neat! The exploit is a loop that opens a location in the browser by setting win.location and checks how many frames were loaded.
  • How do you fix this? You load a consistent number of iFrames no matter the state. Overall, an interesting bug with pretty significant impact.
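
The fix described above, sketched as an added example (not code from the original write-up or from GitHub): a regression check that flags a renderer whose frame count depends on private state, next to a renderer that pads to a fixed count. The state names, the /widget URL and the page templates are constructed for illustration.

```javascript
// Added example: constructed templates, not GitHub's real markup.
const STATES = ["repo_missing", "repo_only", "repo_and_file"];

// Frames each state needs, matching the counts listed in the write-up.
const NEEDED = { repo_missing: 0, repo_and_file: 1, repo_only: 2 };

// Leaky pattern: the number of iframes varies with private state.
function renderLeaky(state) {
  return "<main>" + '<iframe src="/widget"></iframe>'.repeat(NEEDED[state]) + "</main>";
}

// Hardened pattern: always emit FIXED_FRAMES iframes; unused slots are
// inert placeholders, so every state produces the same frame count.
const FIXED_FRAMES = 2;
function renderFixed(state) {
  const live = '<iframe src="/widget"></iframe>'.repeat(NEEDED[state]);
  const pad = '<iframe src="about:blank" hidden></iframe>'
    .repeat(FIXED_FRAMES - NEEDED[state]);
  return "<main>" + live + pad + "</main>";
}

// Count iframe elements in rendered HTML; each one creates a child
// browsing context, which is what a cross-origin opener can count.
function countFrames(html) {
  return (html.match(/<iframe\b/gi) || []).length;
}

// Regression check: render every state and report whether the frame
// count differs between them (more than one distinct value = oracle).
function frameCountOracle(render) {
  const counts = {};
  for (const s of STATES) counts[s] = countFrames(render(s));
  const distinct = new Set(Object.values(counts));
  return { counts, leaks: distinct.size > 1 };
}

console.log("leaky:", frameCountOracle(renderLeaky));
console.log("fixed:", frameCountOracle(renderFixed));
```

Running a check like this over every state-dependent response in a test suite catches a reintroduced oracle when a template changes.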