I've created this simple HTML page to test the CSS webkit filter DoS attack created by pwnsdx
Original Git here: https://gist.github.com/pwnsdx/ce64de2760996a6c432f06d612e33aea"
Original Tweet here: tweet/pwnsdx
The page would be this:
The Exploit it works on Safari and IE (and i think Edge) on Windows, Safari (Mac iPhone, iPad etc.),
and some user he says it also works on Ubuntu, but I do not know what browser it is...
Don't works on Chrome, Opera and Mozilla (I wonder why it does not surprise me ....).
In practice with this technique you can crash the browser,
regardless of whether it is on PC, smartphone, etc.
On iPhone and Mac (and Ubuntu maybe) can also restart the the machine.
The original version used a background encoded image in base64,
i have instead used a normal url to make the code easier to study.
Test at your risk here: https://jonnybanana.github.io/safari-ie-reaper.github.io/
Here instead i have put on the site the original version make by pwnsdx:
https://jonnybanana.github.io/safari-ie-reaper.github.io/Original_Version
I also made a short video showing the bug, just click on the image below: