01 May 2015 - ttys031
[+] Author: ttys031
[+] Team: n0tr00t security team
[+] From: http://www.n0tr00t.com
[+] Create: 2015-05-01
wct.py (part1):
#!/usr/bin/env python
# coding=utf8
# team=n0tr00t
# [email protected]
import random
import string
def _tag():
tags = ["<a href='http://n0tr00t.com/#papapa' title='evil'>", "<abbr title='evil'>",
"<acronym title='evil'>", "<b evil>", "<blockquote cite='evil'>",
"<cite cite='evil'>", "<code t='evil'>", "<del datetime='evil'>",
"<em t='evil'>", "<q cite='evil'>",]
tag = ["<li>", "<s>", "<strike>", "<b>", "<code>", "<hr>", "<tt>"]
return tags, tag
def _str():
asc = []
for i in range(256):
ii = '\\x{}'.format(hex(i)[-2:].upper())
asc.append(ii)
str_payload = ['AAAAAAAA'*100000, 'AAAAAAAAA'*199999,
'\xD8\x34\xDF\x06', ')9\0a;"', '*&":>?&*',
'"436873d;12/\\', '|}{^\/\\/'*19999]
_p = []
for s in range(20):
ppp = '{flag}:{random_str}_{str_payload}'.format(flag=s,
random_str=string.join(random.sample(['a','b','c','d','e','f','g','h','i','j'], 6)).replace(" ",""),
str_payload=random.choice(str_payload),)
_p.append(ppp)
return _p, asc
def _main():
_p, asc = _str()
tags, tag = _tag()
count, payload, payload_tmp = 0, [], []
for t in tags:
for p in _p:
payload_tmp.append('xxxxx{}{}'.format(t.replace("evil", p), random.choice(tag)))
payload_tmp.append('xxxxx{}{}'.format(random.choice(tag), t.replace("evil", p)))
for i in payload_tmp:
count += 1
payload.append('{}|||{}'.format(count, i.replace("papapa", random.choice(asc))))
return payload
if __name__ == '__main__':
_main()