Last year I wrote a similar program to Michael Zalewski's with the intent to test browsers AND operating systems security. IE's parser held up fairly well so I didn't pursue testing other "more stable" browsers. However, I did find a few holes in IE like:
IFRAME application/x-www-form-urlencoded> (which will crash pre-IE 6 browsers. It appears to overflow shlwapi.dll)
Next I turned the program to the O.S. and found that Windows coughs on
CALC inp11111111111 (Enter this at in run or from a command prompt)
Slashdot Mirror
Last year I wrote a similar program to Michael Zalewski's with the intent to test browsers AND operating systems security. IE's parser held up fairly well so I didn't pursue testing other "more stable" browsers. However, I did find a few holes in IE like:
c e.html
IFRAME application/x-www-form-urlencoded> (which will crash pre-IE 6 browsers. It appears to overflow shlwapi.dll)
Next I turned the program to the O.S. and found that Windows coughs on
CALC inp11111111111 (Enter this at in run or from a command prompt)
To download my program and/or see more examples go to http://robohoba.temp.powweb.com/publications/bfor
Proof that the ONLY way to approach thorough and complete code/program security is through brute force.