Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

How to crash IE (win) in one eash step

mrjamin

mrjamin

macrumors 65816
Original poster
Feb 6, 2003
1,161
1
Strongbadia
easy,

Code: 
<html>
<form>
<input type crash>
</form>
</html>

Thats right, 5 lines of HTML, 3 tags, will crash internet explorer.

THATS why i'm a mac user...


MrJ
 
Just tested in Virtual PC and it's true, but it appears that on recent service packs they have fixed the bug.
 
It's just simple HTML, so you need to put it into a plain text document (Text Edit). Copy paste those 5 lines (presuming OS X here), go to format: Make Plain Text, go to save as. Call the file crash.html and click save, it will ask you if you want to append .txt as well which would make the file crash.html.txt, which we don't want, so click "Don't append". You now have your html document. :)

I might as well put one on my site to save you all the trouble: http://wesley.wsgurus.com/crash.html
 
OK, Wes, I have save the html file to my desktop, and it has the extension .txt. What do I do next? Put it on some Windows computer?
 
Well hopefully by clicking don't append the .txt wouldn't have been there, but remove it and rename it, crash.html, then try to open it in Internet Explorer on an old pc, it won't work on recent XP builds.
 
That's great! now I just need to test it.....

I don't have easy access to a windoze computer right now so I will try it later, but on the mac, nothing happens, even when I use the debug menu to choose the agent as MSIE for Windows 6.0 Safari is fine....
 
mrjamin said:
easy,

Code: 
<html>
<form>
<input type crash>
</form>
</html>

Thats right, 5 lines of HTML, 3 tags, will crash internet explorer.

THATS why i'm a mac user...
MrJ
Click to expand...

When I pasted into an HTML file to test, as soon as the file was saved I got this from Trend Micro Antivirus (PC cillin 2005?). This is the beta that plugs into SP2 Security Center (see pic). I'll disable and run, then edit this post.

Edit: After disabling Trend, IE loaded the page without crashing which is in the second pic. I guess it's been patched. I believe all browsers have at some time been vulnerable to HTML bugs, parser glitches, etc. What matters is that they get fixed.

Security Center is pretty nice BTW. Disabling Trend put a red warning shield in the status tray notifying me that it was disabled ad to click on it to turn it back on. Security, and hackers are here to stay, if the Mac platform continues to grow, and even if it does not and keeps boasting, it will see more and more deleterious attention. TCP/IP is vulnerable, Cisco is vulnerable, now that's scary.
 

Attachments

  • htmlcrasher.JPG
    htmlcrasher.JPG
    35.8 KB · Views: 128
  • result.JPG
    result.JPG
    18.1 KB · Views: 113
Ok, I still haven't tested it, but certain comments gave me an idea..

I believe that you can set a file on your hard drive to be your homepage, so, first make it a hidden file on an unwitting PC user's machine which you have access to, then, go into IE and set that file to load as the homepage.... for removal, just delete the file, but it could give someone more reasons to switch if played out correctly....
 
cjc343 said:
Ok, I still haven't tested it, but certain comments gave me an idea..

I believe that you can set a file on your hard drive to be your homepage, so, first make it a hidden file on an unwitting PC user's machine which you have access to, then, go into IE and set that file to load as the homepage.... for removal, just delete the file, but it could give someone more reasons to switch if played out correctly....
Click to expand...

Much better to change the default homepage in IE to the link I posted, then IE will crash on start-up! Just play dumb ;) ;) "Sorry man, I don't know what to tell you, looks like you're ****ed."

Reminds me of the nifty trick to but a Shut Down AppleScript in the Start-up items! :D
 
LOL that's great. Anybody know specifically which versions of Win IE are affected?
 
cjc343 said:
That's great! now I just need to test it.....

I don't have easy access to a windoze computer right now so I will try it later, but on the mac, nothing happens, even when I use the debug menu to choose the agent as MSIE for Windows 6.0 Safari is fine....
Click to expand...

that's because the user agent doesn't use that browser's engine or any of it's code, it just sends the data that that browser and os opened that page.

nice idea stoid :D
 
mmm... NOP!

Not even close!

I've tested that with several systems and diferent antivirus and nothing happened...

Beside this, there are a hundred ways to crash any browser... :cool:
 
lëö said:
Not even close!

I've tested that with several systems and diferent antivirus and nothing happened...

Beside this, there are a hundred ways to crash any browser... :cool:
Click to expand...

Then your systems had already been patched and your antivirus software isn't set to recognize it (DAT versions, scan settings, etc.).

You got any ways to crash other browsers that come anywhere near the simplicity of this one?
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back