Jump to content

Tor Browser ( Firefox 41 < 50 ) - Code Execution 0


Recommended Posts

  • Administrator
# TOR Browser 0day : JavaScript Exploit !

 

## Works on Firefox versions 41 - 50

 

### The critical vulnerability is believed to affect multiple Windows versions of the open source Firefox web browser as far back as Firefox version 41, and up to Firefox version 50. When exploit opened by a Firefox or Tor Browser with Javascript enabled on a Windows computer, it leverage a memory corruption vulnerability in the background to make direct calls to kernel32.dll, which allows malicious code to be executed on computers running Windows. Makes redirect to '/member.php' after code execution

 

- - -

 

This is an Javascript exploit actively used against TorBrowser NOW. It consists of one HTML and one CSS file, both pasted below and also de-obscured. The exact functionality is unknown but it's getting access to "VirtualAlloc" in "kernel32.dll" and goes from there. Please fix ASAP. I had to break the "thecode" line in two in order to post, remove ' + ' in the middle to restore it. - SIGAINT

 

 

 

Download:
This is the hidden content, please

 

# 0day.today [2018-03-09] #

 

 

 


Link to comment
Share on other sites

  • 3 weeks later...
  • 4 weeks later...
  • 1 year later...
  • quix featured and pinned this topic
  • quix unpinned this topic

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...