Tor (Firefox 41 < 50) - Code Execution

EDB-ID:

44267

CVE:

N/A

Author:

649

Type:

local

Platform:

Windows

Published:

2016-12-01

# TOR Browser 0day : JavaScript Exploit !
## Works on Firefox versions 41 - 50
### The critical vulnerability is believed to affect multiple Windows versions of the open source Firefox web browser as far back as Firefox version 41, and up to Firefox version 50. When exploit opened by a Firefox or Tor Browser with Javascript enabled on a Windows computer, it leverage a memory corruption vulnerability in the background to make direct calls to kernel32.dll, which allows malicious code to be executed on computers running Windows.
<i>Makes redirect to '/member.php' after code execution</i>

- - -

This is an Javascript exploit actively used against TorBrowser NOW. It consists of one HTML and one CSS file, both pasted below and also de-obscured. The exact functionality is unknown but it's getting access to "VirtualAlloc" in "kernel32.dll" and goes from there. Please fix ASAP. I had to break the "thecode" line in two in order to post, remove ' + ' in the middle to restore it. - SIGAINT



Download: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/44267.zip