Ninety percent of the IE vulnerability-a vulnerability warning-the black bar safety net

ID MYHACK58:62200819743
Type myhack58
Reporter 佚名
Modified 2008-07-20T00:00:00


JavaScript IE 6 vulnerability

Its use of code as follows:

<script type="text/jscript"> function init() { document. write("The time is:" + Date() );

} window. onload = init; </script>

Using this code you can hide the page in front of html code, run after it can only see the javascript statement inside the implementation of the code.

And after refresh also no longer see Web site source code, and can use javascript to execute arbitrary code.

In fact, hanging horse not to be missed the best time.

Test method:

<h1>ncph of something<i>before</i></h1> <br> the <b>JavaScript</b>... ncphncph

<script type="text/jscript"> function init() { document. write("The time is now:" + Date() );

} window. onload = init; </script>

And <u>ncph of something</u> after the <b>JavaScript</b>

Save the above code as an html page look.

If only to see the above time, just to prove you ie also the presence of this vulnerability. (The front and back of the code?^.^)

Believe slightly understand a little html language people know what the use of it.

Now ninety percent of a few of the ie are the presence of this vulnerability.

In xp sp2 2 0 0 0 sp4 2003sp1 test through here noted under the Baidu post bar, really his grandmother's trash, where I made this post it

Turned out that the inside contains advertising, deleted half and then, say that I'm content with what's prohibited character. In short, is garbage! Despise of the......