forked from googleprojectzero/domato
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathtemplate.html
executable file
·110 lines (74 loc) · 2.31 KB
/
template.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
<!-- saved from url=(0014)about:internet -->
<html>
<head>
<style>
/*begincss*/
<cssfuzzer>
/*endcss*/
</style>
<script>
function freememory() {
try { CollectGarbage(); } catch(err) { }
try { FuzzingFunctions.garbageCollect(); } catch(err) { }
try { FuzzingFunctions.cycleCollect(); } catch(err) { }
try { window.gc(); } catch(err) { }
}
var runcount = {'jsfuzzer':0, 'eventhandler1':0, 'eventhandler2':0, 'eventhandler3':0, 'eventhandler4':0, 'eventhandler5':0}
var runLines = {'jsfuzzer':0, 'eventhandler1':0, 'eventhandler2':0, 'eventhandler3':0, 'eventhandler4':0, 'eventhandler5':0}
var errorLines = {'jsfuzzer':[], 'eventhandler1':[], 'eventhandler2':[], 'eventhandler3':[], 'eventhandler4':[], 'eventhandler5':[]}
function GetVariable(fuzzervars, var_type) { if(fuzzervars[var_type]) { return fuzzervars[var_type]; } else { return null; }}
function SetVariable(fuzzervars, var_name, var_type) { fuzzervars[var_type] = var_name; }
const jsfuzzer = () => {
const funcArea = "jsfuzzer";
let lineNo = -1;
runcount["jsfuzzer"]++; if(runcount["jsfuzzer"] > 2) { return; }
/* BEGIN jsfuzzer */
<jsfuzzer>
/* END jsfuzzer */
}
const eventhandler1 = () => {
const funcArea = "eventhandler1";
let lineNo = -1;
runcount["eventhandler1"]++; if(runcount["eventhandler1"] > 2) { return; }
/* BEGIN eventhandler1 */
<jsfuzzer>
/* END eventhandler1 */
}
const eventhandler2 = () => {
const funcArea = "eventhandler2";
let lineNo = -1;
runcount["eventhandler2"]++; if(runcount["eventhandler2"] > 2) { return; }
/* BEGIN eventhandler2 */
<jsfuzzer>
/* END eventhandler2 */
}
const eventhandler3 = () => {
const funcArea = "eventhandler3";
let lineNo = -1;
runcount["eventhandler3"]++; if(runcount["eventhandler3"] > 2) { return; }
/* BEGIN eventhandler3 */
<jsfuzzer>
/* END eventhandler3 */
}
const eventhandler4 = () => {
const funcArea = "eventhandler4";
let lineNo = -1;
runcount["eventhandler4"]++; if(runcount["eventhandler4"] > 2) { return; }
/* BEGIN eventhandler4 */
<jsfuzzer>
/* END eventhandler4 */
}
const eventhandler5 = () => {
const funcArea = "eventhandler5";
let lineNo = -1;
runcount["eventhandler5"]++; if(runcount["eventhandler5"] > 2) { return; }
/* BEGIN eventhandler5 */
<jsfuzzer>
/* END eventhandler5 */
}
</script>
</head>
<body onload=jsfuzzer()>
<!--beginhtml--><htmlfuzzer><!--endhtml-->
</body>
</html>