search

TheCyb3rAlpha / BobTheSmuggler

"Bob the Smuggler": A tool that leverages HTML Smuggling Attack and allows you to create HTML files with embedded 7z/zip archives. The tool would compress your binary (EXE/DLL) into 7z/zip file format, then XOR encrypt the archive and then hides inside PNG/GIF image file format (Image Polyglots).
MIT License
491 stars 55 forks source link

Blank page #3

Closed bostjan39 closed 6 months ago

bostjan39 commented 7 months ago

Hi,

All works well, except when I try to open a generated html page. It shows blank page. I created it with this: python BobTheSmuggler.py -i C:\PROJECTS\msg.exe -f test.html -o msg.zip -t png -png C:\PROJECTS\Screenshot.png

My image is hosted online (not on cdn).

Did I do anything wrong? Please help :)

TheCyb3rAlpha commented 6 months ago

Hi @bostjan39,

Apologies for the delayed response. Been busy with the work. Please check debugger console, you should be getting CORS related error. As the JS code sends a XHR request, CORS needs to be enabled on your server for this to work. Otherwise, the HTML page won't load the JS code.