This shader appears to cause VRAM data to be output. This allows a malicious WebGL web page to capture and upload the contents of other browser tabs in Chrome and the stock browser.
Here is an example of an image captured by our proof-of-concept malicious web page. The image shows the contents of another browser tab that was showing a banking web page.
[Shaders, screenshots, error log, reproduction steps, platform info, etc.] [ZIP]
This shader appears to cause VRAM data to be output. This allows a malicious WebGL web page to capture and upload the contents of other browser tabs in Chrome and the stock browser.
Here is an example of an image captured by our proof-of-concept malicious web page. The image shows the contents of another browser tab that was showing a banking web page.
We have not included the shader files.