-
Notifications
You must be signed in to change notification settings - Fork 156
Browser Support
sanktjodel edited this page Apr 9, 2019
·
1 revision
Singularity has been tested to work in the following browsers:
| Browser | Operating System | Time to Exploit |
|---|---|---|
| Firefox | Windows 7 / 10 | ~1 min |
| Chrome | Windows 7 / 10 | ~1 min |
| Firefox | Ubuntu | ~1 min |
| Chromium | Ubuntu | ~1 min |
| Edge | Windows 10 | ~21 to ~49 min |
| Firefox | macOS | ~1 min |
| Chrome | macOS | ~1 min |
| Safari | macOS | ~1 min |
| Chrome | Android | ~1 min |
| Firefox | Android | ~1 min |
| Safari | iOS | ~1 min |
| Firefox | iOS | ~1 min |
The above was tested with Singularity's default conservative settings:
- DNS rebinding strategy:
First then second (default, conservative) - Fetch interval (Web interface): 20s
- Target: 127.0.0.1.
Much faster attacks can be achieved in certain configurations, as detailed in the table below:
| Browser | Operating System | Time to Exploit | Rebinding Strategy | Fetch Interval | Target Specification |
|---|---|---|---|---|---|
| Chrome | Windows 10 | ~3s | Multiple answers (fast) |
1s | 127.0.0.1 |
| Edge | Windows 10 | ~3s | Multiple answers (fast) |
1s | 127.0.0.1 |
| Firefox | Windows 10 | ~3s | Multiple answers (fast) |
1s | 127.0.0.1 |
| Chromium | Ubuntu | ~3s | Multiple answers (fast) |
1s | 0.0.0.0 |
| Firefox | Ubuntu | ~3s | Multiple answers (fast) |
1s | 0.0.0.0 |
| Chrome | macOS | ~3s | Multiple answers (fast) |
1s | 0.0.0.0 |
| Firefox | macOS | ~3s | Multiple answers (fast) |
1s | 0.0.0.0 |
| Safari | macOS | ~3s | Multiple answers (fast) |
1s | 0.0.0.0 |
We will add more platforms as we test them. We elected a delay of 3s to perform DNS rebinding to cater for targets with a poor connection to the internet/network.