[37055] in bugtraq
python does mangleme (with IE bugs!)
daemon@ATHENA.MIT.EDU (ned)
Mon Oct 25 11:18:43 2004
Date: Sat, 23 Oct 2004 21:36:32 -0700 (PDT)
From: ned <nd@felinemenace.org>
To: bugtraq@securityfocus.com
Cc: full-disclosure@lists.netsys.com, <lcamtuf@ghettot.org>
Message-ID: <Pine.LNX.4.44.0410232125460.18307-100000@felinemenace.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
i've made a port of mangleme:
http://felinemenace.org/~nd/htmler.py
with a few extra quirks (such as file extentions/url types)
it finds IE bugs after roughly 2.5 -> 3 hours and they are at:
http://felinemenace.org/~nd/crash_ie/
They are not the null pointer dereference that Michal found (which
curiously seems to not own my 6.0.2800.1106.xpsp1?) but some other
probably non-exploitable problems!
htmler.py doesn't use CGI like mangleme but generates webpages in the
directory 'html1' numbered 0.html to n.html. 0.html then uses a refresh to
load 1.html and so on with little user interaction required!
anyway, if you find bugs with it, don't sell to anyone/notify vendors!
- nd
--
http://felinemenace.org/~nd - "eat a duck"
