Warnings on the download page

H D Moore torspam at metasploit.com
Fri Mar 9 01:56:34 UTC 2007


On Thursday 08 March 2007 19:05, Mike Perry wrote:
> Actually, I'm also curious about your on-the-fly applet tag
> generation. Were you aware that it would bypass that
> security.enable_java setting or was it just a general evasive thing
> you did for filtering? Do you have any information if this is specific
> to certain versions/JVMs or if it is a universal hack?

This wasn't meant to be evasive and does not bypass the enable java 
setting on my browser (latest firefox + sun-jre-1.6.0). The reason for 
generating the applet tag on the fly is to enable injection by embedding 
a <script src=""> into an HTML response.

> Have you contacted the Firefox people?

I didn't realize it was a vulnerability. I went to about:config, 
configured this setting to false, and the Java applet no longer loads on 
my system. What systems have you seen this fail on?

-HD


