def handle_object(self, object): log.warning(object) #self.check_attrs(object) self.do_handle_params(object) classid = object.get('classid', None) id = object.get('id', None) codebase = object.get('codebase', None) if codebase: try: self.window._navigator.fetch(codebase) except: pass if not log.ThugOpts.Personality.isIE(): return #if classid and id: if classid: try: axo = _ActiveXObject(self.window, classid, 'id') except TypeError: return if id is None: return setattr(self.window, id, axo) setattr(self.window.doc, id, axo)
def handle_object(self, object): log.warning(object) self.check_attrs(object) classid = object.get('classid', None) id = object.get('id', None) if classid and id: setattr(self.window, id, _ActiveXObject(self.window, classid, 'id'))
def _handle_object(self, object): log.warning(object) classid = object.get('classid', None) id = object.get('id', None) if not log.ThugOpts.Personality.isIE(): return if classid and id: setattr(self.doc.window, id, _ActiveXObject(self.doc.window, classid, 'id'))
def __getattr__(self, key): if log.ThugOpts.Personality.isIE() and key.lower() in ('wscript', ): # Prevent _ActiveXObject loops super(Window, self).__setattr__("WScript", None) WScript = _ActiveXObject(self, "WScript.Shell") super(Window, self).__setattr__(key, WScript) super(Window, self).__setattr__("WScript", WScript) return WScript return super(Window, self).__getattr__(key)
def __init_personality_IE(self): self.ActiveXObject = self._do_ActiveXObject self.Run = self._Run self.CollectGarbage = self._CollectGarbage self.navigate = self._navigate self.clientInformation = self.navigator self.clipboardData = ClipboardData() self.external = External() _ActiveXObject(self, "WScript.Shell") if log.ThugOpts.Personality.browserMajorVersion < 9: self.attachEvent = self._attachEvent self.detachEvent = self._detachEvent else: self.addEventListener = self._addEventListener self.removeEventListener = self._removeEventListener if log.ThugOpts.Personality.browserMajorVersion in (8, ): self.Storage = object() self.doc.parentWindow = self._parent
def fireOnloadEvents(self): #for tag in self._findAll('script'): # self.evalScript(tag.string, tag = tag) for tag in self._findAll('object'): classid = tag.get('classid', None) id = tag.get('id', None) if not classid or not id: continue setattr(self, id, _ActiveXObject(self, classid, 'id')) index = 0 tags = self._findAll('script') while index < len(self._findAll('script')): tag = self._findAll('script')[index] if not tag.string: src = tag.get('src', None) if src: try: response = self._navigator.fetch( src, redirect_type="onload script") except: continue if response is None: continue if response.status_code == 404: continue js = response.content tag.setString(js) try: self.evalScript(tag.string, tag=tag) except: log.debug(traceback.format_exc()) index += 1 body = self.doc.body if body and body.tag.has_attr('onload'): self.evalScript(body.tag['onload'], tag=body.tag.contents[-1]) if hasattr(self, 'onload'): self.evalScript(self.onload)
def fireOnloadEvents(self): #for tag in self._findAll('script'): # self.evalScript(tag.string, tag = tag) for tag in self._findAll('object'): classid = tag.get('classid', None) id = tag.get('id', None) if not classid or not id: continue setattr(self, id, _ActiveXObject(self, classid, 'id')) index = 0 tags = self._findAll('script') while index < len(self._findAll('script')): tag = self._findAll('script')[index] if not tag.string: src = tag.get('src', None) if src: try: response = self._navigator.fetch(src, redirect_type = "onload script") except: continue if response is None: continue if response.status_code == 404: continue js = response.content tag.setString(js) try: self.evalScript(tag.string, tag = tag) except: log.debug(traceback.format_exc()) index += 1 body = self.doc.body if body and body.tag.has_attr('onload'): self.evalScript(body.tag['onload'], tag = body.tag.contents[-1]) if hasattr(self, 'onload'): self.evalScript(self.onload)
def handle_object(self, object): log.warning(object) #self.check_attrs(object) params = self.do_handle_params(object) classid = object.get('classid', None) id = object.get('id', None) codebase = object.get('codebase', None) data = object.get('data', None) if codebase: try: self.window._navigator.fetch(codebase, redirect_type = "object codebase", params = params) except: pass if data and not data.startswith('data:'): try: self.window._navigator.fetch(data, redirect_type = "object data", params = params) except: pass if not log.ThugOpts.Personality.isIE(): return #if classid and id: if classid: try: axo = _ActiveXObject(self.window, classid, 'id') except TypeError: return if id is None: return setattr(self.window, id, axo) setattr(self.window.doc, id, axo)
def XMLHttpRequest(self): return _ActiveXObject(self, 'microsoft.xmlhttp')
def _do_ActiveXObject(self, cls, type = 'name'): return _ActiveXObject(self, cls, type = 'name')
def _do_ActiveXObject(self, cls, type='name'): return _ActiveXObject(self, cls, type='name')
def _do_ActiveXObject(self, cls, type="name"): return _ActiveXObject(self, cls, type="name")