- ##
- # From the computer overground comes a dumb parlor trick that can
- # be leveraged to social-engineer people who trust the file extensions
- # of remote servers.
- #
- # Live demo: https://s.arciszewski.me/rewritepoc/test.txt
- ##
- Add this to the nginx config for any virtual host:
- rewrite ^/rewritepoc/(.*)/?$ /pocrw.php?file=$1;
- Or if you use Apache, this should do the trick:
- RewriteRule ^\/rewritepoc\/(.*)\/?$ /pocrw.php?file=$1 [L]
- Then save the following as pocrw.php:
- <?php
- // Always answer as HTML, whatever extension the requested URL ends in.
- header("Content-Type: text/html;charset=UTF-8");
- ?>
- <!DOCTYPE html>
- <html>
- <head>
- <title>PoC</title>
- <script type="application/javascript">
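- // json_encode() emits a correctly quoted JS string; HTML-escaping alone lets a backslash in the path break the literal.
- alert(<?= json_encode("You are now breathing manually.\nYou accessed: /rewritepoc/" . ($_GET['file'] ?? ''), JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT); ?>);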
- window.location="https://torproject.org";
- </script>
- </head>
- <body>
- <h2>LOL MALWARE</h2>
- </body>
- </html>
- ##
- # Then you go in IRC:
- #
- # noob> Hey, can someone help me debug my code?
- # snob> go away
- # elite> now snob, be polite to the noob
- # snob> fine
- # snob->noob: send me the source?
- # noob->snob: http://innocuo.us/sourcecode/authorize_net.txt
- # noob->snob: I keep getting a weird error
- # *snob has disconnected for reason: rm -rf /
- #
- # Mitigations:
- # 1. Don't carelessly click shit
- # 2. NoScript, keep your shit up to date, pray nobody has 0day for your browser
- ##
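A defender-side check for the trick above, added here as an example and not part of the original paste: it compares the media type a URL's extension suggests with the Content-Type the server actually declares. The function names and the `ACTIVE_TYPES` set are assumptions of this example; the first sample pairs the paste's demo URL with the header pocrw.php sends, and the other samples are constructed.

```python
import mimetypes
from urllib.parse import urlsplit

# Media types a browser renders as a document that can run script (assumed set).
ACTIVE_TYPES = {"text/html", "application/xhtml+xml", "image/svg+xml"}


def declared_type(content_type_header):
    """Return the bare, lower-cased media type from a Content-Type value."""
    return content_type_header.split(";", 1)[0].strip().lower()


def check_link(url, content_type_header):
    """Compare the extension's implied type with the declared type.

    Returns (verdict, expected, actual). 'active-mismatch' means the URL
    looks passive (e.g. .txt) but the response is script-capable.
    """
    path = urlsplit(url).path            # ignore query string and fragment
    expected, _ = mimetypes.guess_type(path)
    actual = declared_type(content_type_header)
    if expected is None or expected == actual:
        return ("ok", expected, actual)  # no extension, or it matches
    if actual in ACTIVE_TYPES and expected not in ACTIVE_TYPES:
        return ("active-mismatch", expected, actual)
    return ("mismatch", expected, actual)


# Sample (URL, Content-Type) pairs; no network access is needed.
SAMPLES = [
    # Demo URL from the paste with the header pocrw.php sets.
    ("https://s.arciszewski.me/rewritepoc/test.txt", "text/html;charset=UTF-8"),
    # Constructed: an honest text file.
    ("https://example.test/notes.txt", "text/plain; charset=utf-8"),
    # Constructed: a wrong but non-executable type.
    ("https://example.test/photo.jpg", "text/plain"),
]

if __name__ == "__main__":
    for url, header in SAMPLES:
        verdict, expected, actual = check_link(url, header)
        print(f"{verdict:16} {url}  extension={expected} declared={actual}")
```

In a proxy or chat-link previewer, the header would come from a HEAD request made by a non-rendering client, so the check runs before anyone opens the link in a browser.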