Warnings on the download page
H D Moore
torspam at metasploit.com
Fri Mar 9 01:56:34 UTC 2007
On Thursday 08 March 2007 19:05, Mike Perry wrote:
> Actually, I'm also curious about your on-the-fly applet tag
> generation. Were you aware that it would bypass that
> security.enable_java setting or was it just a general evasive thing
> you did for filtering? Do you have any information if this is specific
> to certain versions/JVMs or if it is a universal hack?

This wasn't meant to be evasive and does not bypass the enable java
setting on my browser (latest firefox + sun-jre-1.6.0). The reason for
generating the applet tag on the fly is to enable injection by embedding
a <script src=""> into an HTML response.

> Have you contacted the Firefox people?

I didn't realize it was a vulnerability. I went to about:config,
configured this setting to false, and the Java applet no longer loads on
my system. What systems have you seen this fail on?

-HD