« Home | Black Hat » | Fun with WSH » | My first impressions of the new Backtrack » | Beta Version of the Final Release of Back Track no... » | The new Internet Explorer 0-day createTextRange on... » | Nmap Idle Scanning and Linux » | Exploiting X-11 forwarding in SSH » | Bypassing Windows DEP » | Using socketNinja.pl with the Metasploit Framework... » | About the body Onload Internet Explorer Vunerabili... » 

Monday, July 03, 2006

Browser fuzzing

So, H.D. Moore (you know, from the Metasploit project) has been up to a lot of Web Browser Fuzzing lately. He is publishing a browser bug a day at: http://browserfun.blogspot.com. He has several tools for browser fuzzing including hamachi , CSS-Die, Dom-Hanoi. And then, long ago someone had invented Magle-me.

One of the problems with web browser fuzzing is that the scripts take so long to execute that the browser keeps prompting you asking if you want to continue the script. Luckily, in Mozilla Firefox, there is a way to disable this. just go to about:config. This will bring up all of the advanced configuration options for Mozilla Firefox. Setting dom.max_script_run_time to zero should make Firefox run smoothly without complaining.

Under Internet Explorer, you should be able to disable the script timeout by going to HKEY_CURRENT_USER\Software\Microsoft\InternetExplorer\Styles. (Create that if it doesn't exist.) Create a new DWORD value called "MaxScriptStatements" under this key and set the value to the desired number of script statements. By setting this number to an astronomically high number, you should be able to (mostly) avoid the annoyance of having to keep telling the script to continue all the time.

I haven't fully tested this yet. So, let me know if it works or not for you.

Oh, and this can have bad side effects for you if the javascript has an infinite loop in it, it will probably just lock up your web browser (at least with firefox). You could also considering setting the timeout to a really high value in Mozilla Firefix instead of zero, which is unlimited.

With other browsers, you are on your own.

E-mail this post

Remenber me (?)

All personal information that you provide here will be governed by the Privacy Policy of Blogger.com. More...

Add a comment