Channel: The Spanner » safari
Browsing all 8 articles

Safari same origin hole

Background: Whilst investigating same origin JavaScript policy with Ronald from 0x000000.com, I found another vulnerability in Safari 3.02 beta on Windows, it could also work on OS X but I haven’t...


Safari leaks Google queries

I’ve found yet another hole in Safari, this one leaks search queries or anything in the query string. It works by setting the JavaScript property “host” and redirects an open window to a page which...


Safari beta zero day

Apple annoy me or rather their security attitude annoys me. I told them about a vulnerability months ago, I persisted and told them again. I got a generic reply from them saying:- ——————————– Hello,...


How I found the Safari exploit

Introduction: I hope you found my posts on the Safari security holes interesting. In this post I’m going to try and explain how I think and how I managed to work out an exploit for Safari. This post...


iPhone Safari zero day

A friend of mine has just got himself a new iPhone and I asked him to test my Safari Zero day and what do you know, it works! LOL, it is now possible for any web site to read the contents of another...


Safari vulnerability look before you leap

I’m sick and tired with people commentating on my work without either knowing the details or having enough technical expertise to perform a simple test and read the URL bar. Here’s an example, now I’ve...


Safari security

Well, what do you do when you report a bug to Apple and they deny it is even a problem? Turn it into a remote one. What do you do when they don’t provide you with any credit whatsoever? Give up? Stop...


Minor Safari cross domain bug

I found this while writing Astalanumerator. Safari allows you to overwrite top and parent with native code and maybe other stuff (I haven’t tried). This allows you to define something on domain A and...
