Zero-Day no Firefox pode expor usuários do Tor na Deep Web

Share Button

O código usado no exploit é um javascript que é executado na memória do Windows que enviado para o Firefox expõem informações privadas dos usuários.

>>>>> Ver o exploit aqui!

This is an Javascript exploit actively used against TorBrowser NOW. It
consists of one HTML and one CSS file, both pasted below and also
de-obscured. The exact functionality is unknown but it's getting access to
"VirtualAlloc" in "kernel32.dll" and goes from there. Please fix ASAP. I
had to break the "thecode" line in two in order to post, remove ' + ' in
the middle to restore it.

A vulnerabilidade pode ser explorada em versões do Firefox, desde 41 até 50.

Share Button

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.