PornoSecurity: sexy vulns, porno sploits and the like

Hi There!

Posted on 2009-03-30 20:05:14 in PornoSecurity

All work and no sploits makes k`sOSe a dull boy. :)

I bet that you all have seen the Firefox thing, right? Just to clarify: it is definitely exploitable; actually, I got code execution in my lab on both Linux and Windows.

That's all, there could be reliability problems, but hey.. it is exploitable, ok?

So please stop asking me this; I got my mailbox full of: "it's a null pointer deref!". No! It's not. The PoC published dies dereferencing 0x00000000, yes, but the value of that pointer is actually influenced by the stylesheet layout. So, do your own homework if you want to exploit this.

I'm waiting to publish other things that are quite useful if you are a pentester because we speak about software that you often find in enterprise networks. So, be patient and stay tuned.

Nick  


2009-04-03 18:39:31  

snip: All work and no sploits makes k`sOSe a dull boy. :) All work and no sploits makes k`sOSe a dull boy. :) All work and no sploits makes k`sOSe a dull boy. :) All work and no sploits makes k`sOSe a dull boy. :) All work and no sploits makes k`sOSe a dull boy. :) All work and no sploits makes k`sOSe a dull boy. :) All work and no sploits makes k`sOSe a dull boy. :) All work and no sploits makes k`sOSe a dull boy. :) All work and #for i in `ps -ef | grep xscreensaver | awk '{print $8}'`; do killall $i; echo -e "sounds good\n"; done; sounds good #