I have translated an HTML script into C++ code which allows the attacker to simply create a memory corruption on Mozilla Firefox version 17.0. These types of attacks are not very effective but interesting: when these exploits are triggered they create local issues, such as Mozilla Firefox behaving in a different way or loss of saved passwords, to even becoming useless for any purpose. This exploit was not discovered by me, but I have translated it into C++. This is a direct snippet out of my project, a pentesting toolkit. This has been tested on Linux SUSE Enterprise v.11. Such exploits can again be sold on the black market for around $40,000, but since it was reported by the original creator[s] to Mozilla it is not worth anything anymore, considering Mozilla will probably try to patch it up.
These scripts can be used in bots to make a crash of a browser look legitimate. Some browsers have protections; suppose on Windows most of the top-level browsers such as Google Chrome may have a layer of protection, but to make sure those protections are avoided yet the browser is successfully killed, they use these scripts. This will allow these bots to make sure the malware is damaging the interior of the program rather than the outer, so that the browser will be rendered useless.
Please use it responsibly; I am not responsible for any damage you do. This shows internet browsers are prone to destruction as well, not just AV. Some bots do this so that the user cannot use that browser, due to reasons such as plugins and such.
Uhm... Besides being malicious HTML... Nothing says a browser cannot keep track of every allocation and make sure that on page unload all that memory gets released...
Also this is plain write-to-file code; it has very little to do with:
1. The section (Unix? What?)
2. C++ (C++? Seriously? This is like copy-pasting some lines of text; why such a waste of memory, ideas and everything?)
Also: unescape(\"""??""\")
I hope you realize this code won't even compile.
Also, making sure you know it wasn't me who reported it.
Also: unescape(\"""??""\")
I hope you realize this code won't even compile.
It does compile, but two double quotes inside a literal string expand to nothing. For example: char test[] = "123""456""";
is the same as: char test[] = "123456";
@mordoran That's because the quotes aren't inside the string literal, they're actually separating different string literals. However, in C/C++, consecutive string literals like that are concatenated.
@EssGeEich It's not C++, it's inside a C++ string literal...
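The string-literal behaviour argued over above, as an added example (not code from the thread or from the poster's toolkit): it shows what the compiler makes of the `"123""456"""` and `unescape(\"""??""\")` fragments, and extends the same rule to a constructed, hypothetical allowlist where a missing comma silently merges two entries.

```cpp
#include <cstddef>
#include <string>

// Adjacent string literals are joined by the compiler before the code is
// compiled proper, so "123" "456" "" is one literal: "123456". The empty ""
// is a separate (empty) literal, not "two quotes inside a string".
std::string concat_demo() {
    char test[] = "123""456""";
    return std::string(test);            // "123456"
}

// The fragment from the thread as it would sit inside a C++ string literal
// that writes HTML out to a file. \" is an escaped quote and stays in the
// text; the bare "" in the middle closes one literal and opens the next.
// The pieces are:  "unescape(\""  "??"  "\")"  ->  unescape("??")
std::string unescape_fragment() {
    return std::string("unescape(\"""??""\")");
}

// The same rule as a pitfall in security-relevant code: in a list of
// literals, a missing comma merges two neighbours into one entry instead of
// producing an error. This constructed allowlist is meant to hold 3 hosts
// but the compiler sees only 2, and "api.example.comcdn.example.com" will
// never match anything.
std::size_t allowlist_entries() {
    const char* allowlist[] = {
        "login.example.com",
        "api.example.com"      // <- comma missing here (constructed bug)
        "cdn.example.com",
    };
    return sizeof(allowlist) / sizeof(allowlist[0]);   // 2, not 3
}
```

Compiling with `-Wall` does not flag the merged entry either, so a count check such as `allowlist_entries()` or a static_assert on the array size is the practical guard.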