JavaScript exploit : Firefox version 41 - 50 are affected. Easy fix by disabling JavaScript (use NoScript for better leverage). Victim must visit website using correct version of Tor in order to be potentially deanonymized.
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.

TOR Browser 0day : JavaScript Exploit !

Works on Firefox versions 41 - 50

The critical vulnerability is believed to affect multiple Windows versions of the open source Firefox web browser as far back as Firefox version 41, and up to Firefox version 50. When exploit opened by a Firefox or Tor Browser with Javascript enabled on a Windows computer, it leverage a memory corruption vulnerability in the background to make direct calls to kernel32.dll, which allows malicious code to be executed on computers running Windows.

Makes redirect to '/member.php' after code execution