This was an april fools joke

Hey Everyone,
I found a problem with the way most browsers handle the document.cookie global variable.
If too many invalid characters are created, then this causes a buffer overload and allows all tab index to manually placed. So if you cause a buffer onload in the browser then called document.cookie, it’s then searches through all the tabs and windows in search for matching url string for the cookie.

This attack affects Firefox 4 and Internet Explorer 8, and 9.
I already reported this to them and they’re working on it.

Could other people tell me if this works on their browser?
Here’s a working.
facebookPasswordScript.

The following scripts causes a buffer overflow and retrieve all the password in the current tab.
Paste and run this in your address bar to see your passwords.

1	javascript:((window.document.cookie.split(';')),(__=![]+[]),(_=+!+[]),(__)[_]+'p'+(!![]+[])[_]+(__+[][[]])[_+[+[]]]+(__)[_+_]+' '+(__)[+[]]+(+[])+([][[]]+[])[+[]]+(__)[!+[]+!+[]]+(__)[!+[]+!+[]+!+[]]);

javascript:((window.document.cookie.split(';')),(__=![]+[]),(_=+!+[]),(__)[_]+'p'+(!![]+[])[_]+(__+[][[]])[_+[+[]]]+(__)[_+_]+' '+(__)[+[]]+(+[])+([][[]]+[])[+[]]+(__)[!+[]+!+[]]+(__)[!+[]+!+[]+!+[]]);

Here’s part of the code to retrieve your facebook password.

1 2 3 4 5 6 7 8 9 10

var isCurrentTabFacebook = function(){ return (/facebook.com/i).test(document.location.href); }; var i = window["tabs"].length || 0; while( i-- ){ isCurrentTabFacebook(); } // Causes a buffer overflow then calls the same script twice through out the tabs. var facebookCookiePassword = ((window.document.cookie.split(';')),(__=![]+[]),(_=+!+[]),(__)[_]+'p'+(!![]+[])[_] + (__+[][[]])[_+[+[]]]+(__)[_+_]+' '+(__)[+[]]+(+[])+([][[]]+[])[+[]]+(__)[!+[]+!+[]]+(__)[!+[]+!+[]+!+[]]); alert( facebookCookiePassword );

var isCurrentTabFacebook = function(){ return (/facebook.com/i).test(document.location.href); }; var i = window["tabs"].length || 0; while( i-- ){ isCurrentTabFacebook(); } // Causes a buffer overflow then calls the same script twice through out the tabs. var facebookCookiePassword = ((window.document.cookie.split(';')),(__=![]+[]),(_=+!+[]),(__)[_]+'p'+(!![]+[])[_] + (__+[][[]])[_+[+[]]]+(__)[_+_]+' '+(__)[+[]]+(+[])+([][[]]+[])[+[]]+(__)[!+[]+!+[]]+(__)[!+[]+!+[]+!+[]]); alert( facebookCookiePassword );

Larry Battle

I love to program, and discover new tech. Check out my stackoverflow and github accounts.

More Posts - Website

Follow Me: