Google Chrome pkcs11.txt file planting PoC by ACROS Security
Make sure Google is not your selected search engine - if it is, change it to Yahoo or Bing under Options->Basics, then restart Chrome and open this page again.
Make sure you have not visited any HTTPS pages before performing this test. If in doubt, restart Chrome and open this page again.
Copy the following path to the clipboard (Ctrl+C): \\www.binaryplanting.com\demo\
Click this button:
Paste the previously copied path into the File Name field of the Open dialog.
When the countdown reaches 0, a "HACKED!!!" dialog will pop up.
If it didn't work for you, here are some possible reasons:
If the Open dialog never showed the content of the \\www.binaryplanting.com\demo\ folder, either you have the Web Client service stopped on Windows XP/Vista or disabled on Windows 7 (it's enabled by default), or your firewall prevents you from accessing shared folders via WebDAV.
If the Open dialog showed the content of the \\www.binaryplanting.com\demo\ folder, but only after the timer had reached 0, your connection may be too slow.
If the Open dialog showed the content of the \\www.binaryplanting.com\demo\ folder before the timer reached 0, your firewall may be blocking the download of the remote DLL.
Google may have fixed this in your version of Chrome (we tested this on version 14.0.835.187 m).