CVE-2020-16012

This repository contains a proof-of-concept exploit for CVE-2020-16012, a side-channel vulnerability in Firefox and Chromium's CanvasRenderingContext2D.drawImage() implementation. The exploit demonstrates the recovery of cross-origin image silhouettes via timing attacks.

This repository contains a Proof of Concept (PoC) for CVE-2020-16012, a side-channel vulnerability in Firefox and Chromium's CanvasRenderingContext2D.drawImage() implementation. The PoC includes client-side JavaScript to exploit the timing attack and a Python server to process and visualize the leaked pixel data.

This PoC demonstrates a side-channel attack (CVE-2020-16012) against Chrome 83 by exploiting timing differences in canvas rendering to reconstruct pixel data from a target image. The server collects timing data and generates a grayscale image based on the side-channel leakage.