├── 1.png ├── 2.png ├── 3.png ├── ExifScan.zip ├── README.md ├── background.js └── manifest.json /1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yuLinnnn/ExifScan/1421017c7d80a8a7a8836d952dc7a5ef7838deaa/1.png -------------------------------------------------------------------------------- /2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yuLinnnn/ExifScan/1421017c7d80a8a7a8836d952dc7a5ef7838deaa/2.png -------------------------------------------------------------------------------- /3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yuLinnnn/ExifScan/1421017c7d80a8a7a8836d952dc7a5ef7838deaa/3.png -------------------------------------------------------------------------------- /ExifScan.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yuLinnnn/ExifScan/1421017c7d80a8a7a8836d952dc7a5ef7838deaa/ExifScan.zip -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # ExifScan 2 | 3 | 一款Chrome插件 4 | 5 | 漏洞+案例介绍 -> https://shahjerry33.medium.com/exif-data-exposure-9bdd6c2c4f2a 6 | 7 | 对图片右键检测,存在和不存在都会弹窗 8 | 9 | 原理 -> 加载图像的二进制数据,然后检查前几个字节以查看是否存在Exif标识符 10 | 11 | 一般检测Exif漏洞 国内SRC不收 hackerone不收 Bugcrowd 50~100刀一个 12 | 13 | image 14 | -------------------------------------------------------------------------------- /background.js: -------------------------------------------------------------------------------- 1 | chrome.contextMenus.create({ 2 | title: "Exif漏洞检测 By:yuLin", 3 | contexts: ["image"], 4 | onclick: function(info, tab) { 5 | var imageUrl = info.srcUrl; 6 | var xhr = new XMLHttpRequest(); 7 | xhr.open("GET", imageUrl, true); 8 | xhr.responseType = "arraybuffer"; 9 | xhr.onload = function() { 10 | var buffer = xhr.response; 11 | var dv = new DataView(buffer); 12 | var exif = dv.getUint16(0, false) == 0xFFD8 && dv.getUint16(2, false) == 0xFFE1 && dv.getUint32(4, false) == 0x45786966; 13 | if (exif) { 14 | alert("存在Exif漏洞"); 15 | } else { 16 | alert("该漏洞不存在"); 17 | } 18 | }; 19 | xhr.send(); 20 | } 21 | }); 22 | -------------------------------------------------------------------------------- /manifest.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "Exif漏洞检测", 3 | "version": "1.0", 4 | "description": "在图片上右键点击,检测是否存在EXIF漏洞", 5 | "icons": { 6 | "16": "1.png", 7 | "48": "2.png", 8 | "128": "3.png" 9 | }, 10 | "permissions": ["contextMenus"], 11 | "background": { 12 | "scripts": ["background.js"] 13 | }, 14 | "manifest_version": 2 15 | } 16 | --------------------------------------------------------------------------------