HOW I AM ABLE TO CRASH ANYONE’S MOZILLA FIREFOX BROWSER BY SENDING AN EMAIL
2022-1-10 12:36:4 Author: infosecwriteups.com(查看原文) 阅读量:16 收藏

Sam

Hi, Hope you guys are doing well, Here is the story of how I am able to crash anyone’s Mozilla firefox by just sending a single email.. let’s start.

I am hunting on google’s Gmail, And after 3 days of trying I am not able to find anything, then I just randomly thought to put a lot of emojis in a single email and send it to someone to see what happens. I just used a very large number of emojis and special characters like this :

You can download the payload file here: https://github.com/SAM0-0/payloads

At first thought google can handle anything like this, Still, I tried to do it,

I added a lot of emojis to the title of the email and body of the email.

And sent it to my second account, I always use firefox So I opened the second email in hope that it will crash and boom💥. My firefox just crashed by just clicking on the received email. So I tested the same thing on chrome and what? It’s not working on chrome, Everything is just working smoothly, Then I tried on duckduckgo and boom 💥 , Crashed it, Then tried on people’s favorite browsers windows explorer, and EDGE both are crashing too, danggg.

And I was like :

I’ve reported this to firefox and they took it as a performance upgrade and not as a security issue😥, But they fixed it in firefox version 93 as a new upgrade, Yay!!!!!

As they said firefox is loading every single emoji as an image, so it is the main cause of the crash, As I understood.

I hope you guys enjoyed the post! Stay tuned for more writeups. Will publish many soon.

Thanks for reading and please ignore any mistakes and my grammar too😅, You guyz can follow me on Twitter: @__sam0_0


文章来源: https://infosecwriteups.com/how-i-am-able-to-crash-anyones-mozilla-firefox-browser-by-sending-an-email-a12563cc8d79?source=rss----7b722bfd1b8d--bug_bounty
如有侵权请联系:admin#unsafe.sh