Avatar for Username

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

This thread was archived. Please ask a new question if you need help.

Malicious version of Firefox in India

GSamartian
GSamartian
more options

Hi,

I'm using firefox in India and I suspect the Indian communications and broadcasting ministry is serving up bad pages and not allowing freedom of internet as it is supposed to be.

Specifically, I have found some code that may be used to overrun the buffer. A video was posted and the following code was included in the home page, making it possible for a buffer overflow attack. The codebox is as below:

Screenshot is attached: https://www.facebook.com/photo.php?fbid=955998114414292&set=pcb.955999311080839&type=1&theater

Malicious code segment: data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAeAAAAEOCAMAAABmRDRVAAADAFBMVEUAAACnmKK6qKnJu8Do0cvizcj/9/D84dPXxMblz8n/8ujUwsX/9OzOvsT//fzcyMj+5NRmicL02s/fy8n/+/fRwMX33tBuj8baxsb13NAgGhzr08vv187/7+T/7eDIucPLu8M1Ki4cFhl9otzeycby2c/t1cwvJSo+Mzz/+fQ7Ljg2KzVBNjEnHyUjGiQ7MTDAtMH539I8Mza7sMA7KzBGOjT/59fDtcEwJzGvpr0XEhQ+KyorHyv//Po6Jyfjvpqyqb5DNEH <and so on till 67695 chars in total including my text above>

Hi, I'm using firefox in India and I suspect the Indian communications and broadcasting ministry is serving up bad pages and not allowing freedom of internet as it is supposed to be. Specifically, I have found some code that may be used to overrun the buffer. A video was posted and the following code was included in the home page, making it possible for a buffer overflow attack. The codebox is as below: Screenshot is attached: https://www.facebook.com/photo.php?fbid=955998114414292&set=pcb.955999311080839&type=1&theater Malicious code segment: data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAeAAAAEOCAMAAABmRDRVAAADAFBMVEUAAACnmKK6qKnJu8Do0cvizcj/9/D84dPXxMblz8n/8ujUwsX/9OzOvsT//fzcyMj+5NRmicL02s/fy8n/+/fRwMX33tBuj8baxsb13NAgGhzr08vv187/7+T/7eDIucPLu8M1Ki4cFhl9otzeycby2c/t1cwvJSo+Mzz/+fQ7Ljg2KzVBNjEnHyUjGiQ7MTDAtMH539I8Mza7sMA7KzBGOjT/59fDtcEwJzGvpr0XEhQ+KyorHyv//Po6Jyfjvpqyqb5DNEH <and so on till 67695 chars in total including my text above>

All Replies (1)

the-edmeister
the-edmeister
  • Moderator
more options

That video is a Firefox Start Page promo from Mozilla that started its "run" this past Monday. Should be gone in a week, to be replaced by another promo.

As far as data:image/png;base64, content - that's an inline data "image" http://stackoverflow.com/questions/5242319/what-does-this-mean-image-pngbase64.