DoS exploit Chrome and some other browsers
Remember the post about Skype exploit ?
Today , there was a similar exploit for the Chrome browser and some browsers on its engine, which causes browsers to fall entirely or only on a single page.
Description available on the bug tracker: code.google.com/p/chromium/issues/detail?id=533361
What is the essence:
If the browser sees a link like this:
Example of 16 characters:
(that is, at the end of the address of any site add " %% 30% 30 ")
here's what happens:
Chrome
When you insert a link into the address bar and press Enter, the browser crashes completely.
And if somewhere on the page there is such a link, then when you hover the mouse over it, this browser page falls
Opera
Also when you hover the mouse falls
')
IE
Error message, but the browser does not crash.
Firefox
There are no errors from the browser, it does not fall. (Browser version: 40.0.2)
Steam
If such a link is inserted into the activity tape, the client “freezes” on this page. That is, you can, for example, open a library of games, play, chat with friends, but you cannot go to the store or your profile. In the browser, the stim will remain open tape activity. Helps restart the client. You can remove the link after testing from the feed using Firefox.
UPD:
Many forums have bb-code to insert images. So, if on some forum in the message insert a "picture" of the form:
then when you go to the forum page with such a picture, browsers will fall. And all the tabs are falling with this site. Those. if for example you posted a picture in the site.com/forum/1254 topic, then when you open this page in a new tab from the page site/forum/ then both tabs will drop at once. If you open in a new window, only the new window will fall.
The forums on the engine "IP.Board" does not work, because You cannot insert such a bb-code: "It is forbidden to use such an extension for images on the forum." You can try using other code, for example instead of [img] - [youtube].
Mobile versions of the browser are also vulnerable.
Today , there was a similar exploit for the Chrome browser and some browsers on its engine, which causes browsers to fall entirely or only on a single page.
Description available on the bug tracker: code.google.com/p/chromium/issues/detail?id=533361
What is the essence:
If the browser sees a link like this:
http://habrahabr.ru/%%30%30 Example of 16 characters:
http://a/%%30%30
(that is, at the end of the address of any site add " %% 30% 30 ")
here's what happens:
Chrome
When you insert a link into the address bar and press Enter, the browser crashes completely.
Screenshot
And if somewhere on the page there is such a link, then when you hover the mouse over it, this browser page falls
Screenshot
Opera
Also when you hover the mouse falls
Screenshot
')
IE
Error message, but the browser does not crash.
Screenshot
Firefox
There are no errors from the browser, it does not fall. (Browser version: 40.0.2)
Steam
If such a link is inserted into the activity tape, the client “freezes” on this page. That is, you can, for example, open a library of games, play, chat with friends, but you cannot go to the store or your profile. In the browser, the stim will remain open tape activity. Helps restart the client. You can remove the link after testing from the feed using Firefox.
UPD:
Many forums have bb-code to insert images. So, if on some forum in the message insert a "picture" of the form:
[img]http://habrahabr.ru/%%30%30[/img]
then when you go to the forum page with such a picture, browsers will fall. And all the tabs are falling with this site. Those. if for example you posted a picture in the site.com/forum/1254 topic, then when you open this page in a new tab from the page site/forum/ then both tabs will drop at once. If you open in a new window, only the new window will fall.
The forums on the engine "IP.Board" does not work, because You cannot insert such a bb-code: "It is forbidden to use such an extension for images on the forum." You can try using other code, for example instead of [img] - [youtube].
Mobile versions of the browser are also vulnerable.
Source: https://habr.com/ru/post/267229/
All Articles