
BeyondTrust Regex Smash

a guest
May 13th, 2015
  1. <!--
  2.   _                                _ _                  _  
  3.  | |                              | | |                | |  
  4.  | |__   ___ _   _  ___  _ __   __| | |_ _ __ _   _ ___| |_
  5.  | '_ \ / _ \ | | |/ _ \| '_ \ / _` | __| '__| | | / __| __|
  6. | |_) |  __/ |_| | (_) | | | | (_| | |_| |  | |_| \__ \ |_
  7.  |_.__/ \___|\__, |\___/|_| |_|\__,_|\__|_|   \__,_|___/\__|
  8.               __/ |                                        
  9.              |___/                                          
  10.                                                [regex smash]
  11. copypasted fuzzer that found MS15-053 - CVE-2015-1686
  12. i pity the fool that dont enable gflags
  13. -BF
  14. -->
  15. <HTML>
  16. <head>
  17. <meta http-equiv="x-ua-compatible" content="IE=10">
  18. </head>
  19. <body >
  20. <script type="text/vbscript">
  ' Error handling is switched off for the top-level script: a statement that
  ' raises (for example a random pattern that the RegExp object rejects as
  ' invalid) is skipped and execution continues with the next statement.
  ' Failures are therefore silent; nothing in this script records them.
  On Error Resume Next
  22.  
  ' Returns a random string assembled from two character pools and then
  ' shuffled. Each pool contributes between 1 and 50 characters, so the result
  ' is 2 to 100 characters long.
  '
  ' NOTE(review): the first element of each pool entry (20 and 1) is read into
  ' a local but never used, so it has no effect on the output. It looks like an
  ' intended weight - confirm against the script this was copied from.
  ' NOTE(review): VBScript string literals have no backslash escapes, so "\\"
  ' puts two backslash characters into each pool.
  function RandomString()
      const SHORTEST_RUN = 1
      const LONGEST_RUN = 50

      dim pools, poolNo, unusedWeight, alphabet
      dim runLength, n, pick
      dim gathered, shuffled

      ' Reseed the generator from the system timer on every call.
      Randomize()

      pools = Array( _
          Array(20, "abcdefghijklmnopqrstuvwxyz0123456789{}[]()+\\^$@?.,-"), _
          Array(1, "{}[]()+\\^$@?.,-") _
      )

      ' Phase 1: draw a random-length run of characters from each pool in turn.
      ' "gathered" starts out Empty, which concatenates like "".
      poolNo = 0
      do while poolNo <= UBound(pools)
          unusedWeight = pools(poolNo)(0)
          alphabet = pools(poolNo)(1)

          ' The run length is drawn once, before any character of the run.
          runLength = Int((LONGEST_RUN - SHORTEST_RUN + 1) * Rnd + SHORTEST_RUN)
          for n = 1 to runLength
              pick = Int(Rnd() * Len(alphabet)) + 1
              gathered = gathered & Mid(alphabet, pick, 1)
          next

          poolNo = poolNo + 1
      loop

      ' Phase 2: shuffle by repeatedly moving one randomly chosen character
      ' from "gathered" to the end of "shuffled" until nothing is left.
      do while Len(gathered) > 0
          pick = Int(Rnd() * Len(gathered)) + 1
          shuffled = shuffled & Mid(gathered, pick, 1)
          gathered = Left(gathered, pick - 1) & Mid(gathered, pick + 1)
      loop

      RandomString = shuffled
  end function
  ' Main loop: 10000 rounds, each feeding a freshly generated pattern and a
  ' freshly generated subject string to the VBScript RegExp object.
  ' outstr1 and outstr2 are declared but never used in the visible script;
  ' patrn and strng are not declared and become implicit globals.
  Dim regEx, Match, Matches, s, cnt, outstr1, outstr2
  cnt = 10000
  While cnt > 0
    cnt = cnt - 1
    ' Fixed literal prefix plus a random tail from RandomString() (2-100 chars).
    patrn = "bobbob" & RandomString()
    strng = "babbab" & RandomString()
    ' Both inputs are written to the page before the match runs, so the most
    ' recent pair on the page is the one being processed - presumably so that
    ' a faulting input can be identified and reproduced; confirm with the author.
    ' The random text is written unescaped, but the pools hold no "<" or "&".
    document.write("Pat - " & patrn)
    document.write("<br>")
    document.write("Strng - " & strng)
    document.write("<br>")
    ' A new RegExp object is created every round; case-insensitive, global match.
    Set regEx = New RegExp
    regEx.Pattern = patrn
    regEx.IgnoreCase = True
    regEx.Global = True
    ' NOTE(review): with "On Error Resume Next" active at script level, a failed
    ' Execute leaves Matches holding whatever the previous round assigned, so
    ' the For Each below may walk stale results.
    Set Matches = regEx.Execute(strng)
    ' The summary in s is built but never written or read afterwards; the loop
    ' only has the effect of touching every Match object's properties.
    s = ""
    For Each Match in Matches
      s = s & "Match found at position "
      s = s & Match.FirstIndex & ". "
      s = s & "Match Value is '"
      s = s & Match.Value & "'."
      s = s & vbCRLF
    Next
  Wend
  91.  
  92. </script>
  93.  
  94. </body>
  95. </HTML>