Artur Lorenz 2018-07-23 21:43:02 +02:00
commit beed5c054d
14 changed files with 42 additions and 23 deletions


@ -22,10 +22,10 @@ function setPageLanguage(lang) {
else if (lang === "pl-PL") else if (lang === "pl-PL")
langObj = plPL; langObj = plPL;
else if (lang === "zh-CN") else if (lang === "zh-CN")
langObj = zhCN; langObj = zhCN;
else if (lang === "zh-TW") else if (lang === "zh-TW")
langObj = zhTW; langObj = zhTW;
@ -55,6 +55,7 @@ function setPageLanguage(lang) {
document.getElementById("optionCTCaerHekate").innerHTML = langObj.optionCTCaerHekate; document.getElementById("optionCTCaerHekate").innerHTML = langObj.optionCTCaerHekate;
document.getElementById("optionFusee").innerHTML = langObj.optionFusee; document.getElementById("optionFusee").innerHTML = langObj.optionFusee;
document.getElementById("optionSXOS").innerHTML = langObj.optionSXOS; document.getElementById("optionSXOS").innerHTML = langObj.optionSXOS;
document.getElementById("optionReiNX").innerHTML = langObj.optionReiNX;
document.getElementById("optionUpload").innerHTML = langObj.optionUpload; document.getElementById("optionUpload").innerHTML = langObj.optionUpload;
document.getElementById("h4GetByteArray").innerHTML = langObj.h4GetByteArray; document.getElementById("h4GetByteArray").innerHTML = langObj.h4GetByteArray;
document.getElementById("h3Log").innerHTML = langObj.h3Log; document.getElementById("h3Log").innerHTML = langObj.h3Log;
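Review bot: The added `document.getElementById("optionReiNX").innerHTML = langObj.optionReiNX;` writes a plain label through `innerHTML`, so any markup that ends up in a translation file is parsed as HTML instead of shown as text. `textContent` is enough for an `<option>` label: `document.getElementById("optionReiNX").textContent = langObj.optionReiNX;`, and the same holds for the neighbouring assignments in this hunk. The lookup is also unguarded, so a page without an `optionReiNX` element would throw here and leave the labels below it unset. setPageLanguage starts and ends outside the hunk.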


@ -17,6 +17,7 @@ let deDE = {
"optionCTCaerHekate" :"CTCaer's Hekate Mod v3.2 (Alle Firmwares)", "optionCTCaerHekate" :"CTCaer's Hekate Mod v3.2 (Alle Firmwares)",
"optionFusee" :"(Re)Switched Test Payload (fusee)", "optionFusee" :"(Re)Switched Test Payload (fusee)",
"optionSXOS" :"SX OS (Alle Firmwares)", "optionSXOS" :"SX OS (Alle Firmwares)",
"optionReiNX" :"ReiNX (With SigPatches)",
"optionUpload" :"Eigenes Payload hochladen", "optionUpload" :"Eigenes Payload hochladen",
"h3Log" :"Protokoll:", "h3Log" :"Protokoll:",
"h4GetByteArray" :"Erhalte das Payload Byte-Array (nicht senden)", "h4GetByteArray" :"Erhalte das Payload Byte-Array (nicht senden)",


@ -18,6 +18,7 @@ let enUS = {
"optionCTCaerHekate" :"CTCaer's Hekate Mod v3.2 (All Firmwares)", "optionCTCaerHekate" :"CTCaer's Hekate Mod v3.2 (All Firmwares)",
"optionFusee" :"(Re)Switched test payload (fusee)", "optionFusee" :"(Re)Switched test payload (fusee)",
"optionSXOS" :"SX OS (All Firmwares)", "optionSXOS" :"SX OS (All Firmwares)",
"optionReiNX" :"ReiNX (With SigPatches)",
"optionUpload" :"Upload Payload", "optionUpload" :"Upload Payload",
"h3Log" :"Log:", "h3Log" :"Log:",
"h4GetByteArray" :"Get payload byte array (don't sploit)", "h4GetByteArray" :"Get payload byte array (don't sploit)",


@ -17,8 +17,9 @@ let esMX = {
"optionCTCaerHekate" :"Mod de Hekate de CTCaer v3.2 (Todos los Firmwares)", "optionCTCaerHekate" :"Mod de Hekate de CTCaer v3.2 (Todos los Firmwares)",
"optionFusee" :"Payload de prueba de (Re)Switched (fusee)", "optionFusee" :"Payload de prueba de (Re)Switched (fusee)",
"optionSXOS" :"SX OS (Todos los Firmwares)", "optionSXOS" :"SX OS (Todos los Firmwares)",
"optionReiNX" :"ReiNX (Con Parche de Firmas)",
"optionUpload" :"Subir Payload", "optionUpload" :"Subir Payload",
"h3Log" :"Log:", "h3Log" :"Registro:",
"h4GetByteArray" :"Obtener matriz de bytes del payload (sin exploit)", "h4GetByteArray" :"Obtener matriz de bytes del payload (sin exploit)",
"goButton" :"Enviar Payload!", "goButton" :"Enviar Payload!",
"clearlogsbutton" :"Borrar registro", "clearlogsbutton" :"Borrar registro",


@ -17,6 +17,7 @@ let frFR = {
"optionCTCaerHekate" :"CTCaer's Hekate Mod v3.2 (All Firmwares)", "optionCTCaerHekate" :"CTCaer's Hekate Mod v3.2 (All Firmwares)",
"optionFusee" :"(Re)Switched test payload (fusee)", "optionFusee" :"(Re)Switched test payload (fusee)",
"optionSXOS" :"SX OS (All Firmwares)", "optionSXOS" :"SX OS (All Firmwares)",
"optionReiNX" :"ReiNX (With SigPatches)",
"optionUpload" :"Upload Payload", "optionUpload" :"Upload Payload",
"h3Log" :"Log:", "h3Log" :"Log:",
"h4GetByteArray" :"Get payload byte array (don't sploit)", "h4GetByteArray" :"Get payload byte array (don't sploit)",


@ -17,6 +17,7 @@ let itIT = {
"optionCTCaerHekate" :"CTCaer's Hekate Mod v3.2 (All Firmwares)", "optionCTCaerHekate" :"CTCaer's Hekate Mod v3.2 (All Firmwares)",
"optionFusee" :"(Re)Switched payload di test (fusee)", "optionFusee" :"(Re)Switched payload di test (fusee)",
"optionSXOS" :"SX OS (All Firmwares)", "optionSXOS" :"SX OS (All Firmwares)",
"optionReiNX" :"ReiNX (With SigPatches)",
"optionUpload" :"Carica payload", "optionUpload" :"Carica payload",
"h3Log" :"Log:", "h3Log" :"Log:",
"h4GetByteArray" :"Ottieni byte array del payload (no exploit)", "h4GetByteArray" :"Ottieni byte array del payload (no exploit)",


@ -19,6 +19,7 @@ let plPL = {
"optionCTCaerHekate" :"CTCaer's Hekate Mod v3.2 (All Firmwares)", "optionCTCaerHekate" :"CTCaer's Hekate Mod v3.2 (All Firmwares)",
"optionFusee" :"(Re)Switched testowy payload (fusee)", "optionFusee" :"(Re)Switched testowy payload (fusee)",
"optionSXOS" :"SX OS (All Firmwares)", "optionSXOS" :"SX OS (All Firmwares)",
"optionReiNX" :"ReiNX (With SigPatches)",
"optionUpload" :"Załaduj payload", "optionUpload" :"Załaduj payload",
"h3Log" :"Log:", "h3Log" :"Log:",
"h4GetByteArray" :"Uzyskaj ciąg bajtów payloadu (nie uruchamiaj)", "h4GetByteArray" :"Uzyskaj ciąg bajtów payloadu (nie uruchamiaj)",


@ -17,6 +17,7 @@ let ptBR = {
"optionCTCaerHekate" :"CTCaer's Hekate Mod v3.2 (All Firmwares)", "optionCTCaerHekate" :"CTCaer's Hekate Mod v3.2 (All Firmwares)",
"optionFusee" :"Payload de teste (Re)Switched (fusee)", "optionFusee" :"Payload de teste (Re)Switched (fusee)",
"optionSXOS" :"SX OS (All Firmwares)", "optionSXOS" :"SX OS (All Firmwares)",
"optionReiNX" :"ReiNX (With SigPatches)",
"optionUpload" :"Carregar Payload", "optionUpload" :"Carregar Payload",
"h3Log" :"Log:", "h3Log" :"Log:",
"h4GetByteArray" :"Recuperar array de bytes do payload (favor não exploitar)", "h4GetByteArray" :"Recuperar array de bytes do payload (favor não exploitar)",


@ -17,6 +17,7 @@ let ruRU = {
"optionCTCaerHekate" :"CTCaer's Hekate Mod v3.2 (All Firmwares)", "optionCTCaerHekate" :"CTCaer's Hekate Mod v3.2 (All Firmwares)",
"optionFusee" :"Тестовый пейлоад от (Re)Switched", "optionFusee" :"Тестовый пейлоад от (Re)Switched",
"optionSXOS" :"SX OS (All Firmwares)", "optionSXOS" :"SX OS (All Firmwares)",
"optionReiNX" :"ReiNX (With SigPatches)",
"optionUpload" :"Загрузить свой пейлоад", "optionUpload" :"Загрузить свой пейлоад",
"h3Log" :"Log:", "h3Log" :"Log:",
"h4GetByteArray" :"Получить побайтовый вывод листинга пейлоада в лог (без отправки на консоль)", "h4GetByteArray" :"Получить побайтовый вывод листинга пейлоада в лог (без отправки на консоль)",


@ -16,7 +16,8 @@ let zhCN = {
"h4SelectPayload" :"选择 Payload:", "h4SelectPayload" :"选择 Payload:",
"optionCTCaerHekate" :"CTCaer's Hekate Mod v3.2 (全版本)", "optionCTCaerHekate" :"CTCaer's Hekate Mod v3.2 (全版本)",
"optionFusee" :"(Re)Switched test payload (fusee)", "optionFusee" :"(Re)Switched test payload (fusee)",
"optionSXOS" :"SX OS (全版本)", "optionSXOS" :"SX OS (全版本)",
"optionReiNX" :"ReiNX (With SigPatches)",
"optionUpload" :"上传 Payload", "optionUpload" :"上传 Payload",
"h4GetByteArray" :"获取Payload byte array (无Sploit)", "h4GetByteArray" :"获取Payload byte array (无Sploit)",
"goButton" :"传递 Payload!", "goButton" :"传递 Payload!",


@ -16,7 +16,8 @@ let zhTW = {
"h4SelectPayload" :"選擇 Payload:", "h4SelectPayload" :"選擇 Payload:",
"optionCTCaerHekate" :"CTCaer's Hekate Mod v3.2 (全版本)", "optionCTCaerHekate" :"CTCaer's Hekate Mod v3.2 (全版本)",
"optionFusee" :"(Re)Switched test payload (fusee)", "optionFusee" :"(Re)Switched test payload (fusee)",
"optionSXOS" :"SX OS (全版本)", "optionSXOS" :"SX OS (全版本)",
"optionReiNX" :"ReiNX (With SigPatches)",
"optionUpload" :"上傳Payload", "optionUpload" :"上傳Payload",
"h4GetByteArray" :"獲取Payload byte array (無Sploit)", "h4GetByteArray" :"獲取Payload byte array (無Sploit)",
"goButton" :"傳遞Payload!", "goButton" :"傳遞Payload!",


@ -5,7 +5,7 @@
<meta charset="utf-8"> <meta charset="utf-8">
<link rel="stylesheet" type="text/css" href="style.css" /> <link rel="stylesheet" type="text/css" href="style.css" />
<link href="favicon.png" rel="icon" type="image/x-icon" /> <link href="favicon.png" rel="icon" type="image/x-icon" />
<title>Switch Payload Loader v1.3.1</title> <title>Switch Payload Loader v1.3.2</title>
<script src="./i18n/en-US.js"></script> <script src="./i18n/en-US.js"></script>
<script src="./i18n/it-IT.js"></script> <script src="./i18n/it-IT.js"></script>
@ -113,8 +113,9 @@
<select class="pull-right" id="payloadSelect" onchange="onSelectChange()"> <select class="pull-right" id="payloadSelect" onchange="onSelectChange()">
<option value="CTCaer_Hekate" id="optionCTCaerHekate" >CTCaer's Hekate Mod v3.2 (All Firmwares)</option> <option value="CTCaer_Hekate" id="optionCTCaerHekate" >CTCaer's Hekate Mod v3.2 (All Firmwares)</option>
<option value="fusee" id="optionFusee" >(Re)Switched test payload (fusee)</option> <option value="fusee" id="optionFusee" >(Re)Switched test payload (fusee)</option>
<option value="sx os" id="optionSXOS" >SX OS (All Firmwares)</option> <option value="sx os" id="optionSXOS" >SX OS (All Firmwares)</option>
<option value="briccmii" id="briccmii" >briccmii</option> <option value="ReiNX" id="optionReiNX" >ReiNX (With SigPatches)</option>
<option value="briccmii" id="briccmii" >briccmii</option>
<option value="uploaded" id="optionUpload" >Upload payload</option> <option value="uploaded" id="optionUpload" >Upload payload</option>
</select> </select>
</div> </div>

34
main.js

@ -1,9 +1,9 @@
const intermezzo = new Uint8Array([ const intermezzo = new Uint8Array([
0x44, 0x00, 0x9F, 0xE5, 0x01, 0x11, 0xA0, 0xE3, 0x40, 0x20, 0x9F, 0xE5, 0x00, 0x20, 0x42, 0xE0, 0x44, 0x00, 0x9F, 0xE5, 0x01, 0x11, 0xA0, 0xE3, 0x40, 0x20, 0x9F, 0xE5, 0x00, 0x20, 0x42, 0xE0,
0x08, 0x00, 0x00, 0xEB, 0x01, 0x01, 0xA0, 0xE3, 0x10, 0xFF, 0x2F, 0xE1, 0x00, 0x00, 0xA0, 0xE1, 0x08, 0x00, 0x00, 0xEB, 0x01, 0x01, 0xA0, 0xE3, 0x10, 0xFF, 0x2F, 0xE1, 0x00, 0x00, 0xA0, 0xE1,
0x2C, 0x00, 0x9F, 0xE5, 0x2C, 0x10, 0x9F, 0xE5, 0x02, 0x28, 0xA0, 0xE3, 0x01, 0x00, 0x00, 0xEB, 0x2C, 0x00, 0x9F, 0xE5, 0x2C, 0x10, 0x9F, 0xE5, 0x02, 0x28, 0xA0, 0xE3, 0x01, 0x00, 0x00, 0xEB,
0x20, 0x00, 0x9F, 0xE5, 0x10, 0xFF, 0x2F, 0xE1, 0x04, 0x30, 0x90, 0xE4, 0x04, 0x30, 0x81, 0xE4, 0x20, 0x00, 0x9F, 0xE5, 0x10, 0xFF, 0x2F, 0xE1, 0x04, 0x30, 0x90, 0xE4, 0x04, 0x30, 0x81, 0xE4,
0x04, 0x20, 0x52, 0xE2, 0xFB, 0xFF, 0xFF, 0x1A, 0x1E, 0xFF, 0x2F, 0xE1, 0x20, 0xF0, 0x01, 0x40, 0x04, 0x20, 0x52, 0xE2, 0xFB, 0xFF, 0xFF, 0x1A, 0x1E, 0xFF, 0x2F, 0xE1, 0x20, 0xF0, 0x01, 0x40,
0x5C, 0xF0, 0x01, 0x40, 0x00, 0x00, 0x02, 0x40, 0x00, 0x00, 0x01, 0x40 0x5C, 0xF0, 0x01, 0x40, 0x00, 0x00, 0x02, 0x40, 0x00, 0x00, 0x01, 0x40
]); ]);
@ -17,7 +17,7 @@ const PAYLOAD_LOAD_BLOCK = 0x40020000;
function createRCMPayload(intermezzo, payload) { function createRCMPayload(intermezzo, payload) {
const rcmLength = 0x30298; const rcmLength = 0x30298;
const intermezzoAddressRepeatCount = (INTERMEZZO_LOCATION - RCM_PAYLOAD_ADDRESS) / 4; const intermezzoAddressRepeatCount = (INTERMEZZO_LOCATION - RCM_PAYLOAD_ADDRESS) / 4;
const rcmPayloadSize = Math.ceil((0x2A8 + (0x4 * intermezzoAddressRepeatCount) + 0x1000 + payload.byteLength) / 0x1000) * 0x1000; const rcmPayloadSize = Math.ceil((0x2A8 + (0x4 * intermezzoAddressRepeatCount) + 0x1000 + payload.byteLength) / 0x1000) * 0x1000;
@ -114,9 +114,9 @@ async function launchPayload(payload) {
logOutput("Switching to higher buffer..."); logOutput("Switching to higher buffer...");
await device.transferOut(1, new ArrayBuffer(0x1000)); await device.transferOut(1, new ArrayBuffer(0x1000));
} }
logOutput("Trigging vulnerability..."); logOutput("Trigging vulnerability...");
const vulnerabilityLength = 0x7000; const vulnerabilityLength = 0x7000;
const smash = await device.controlTransferIn({ const smash = await device.controlTransferIn({
requestType: 'standard', requestType: 'standard',
recipient: 'interface', recipient: 'interface',
@ -132,7 +132,7 @@ document.getElementById("goButton").addEventListener("click", async () => {
clearLog(); clearLog();
var debugCheckbox = document.getElementById("shouldDebug"); var debugCheckbox = document.getElementById("shouldDebug");
const payloadType = document.getElementById("payloadSelect").value; const payloadType = document.getElementById("payloadSelect").value;
if(!debugCheckbox.checked) { if(!debugCheckbox.checked) {
logOutput("Requesting access to device..."); logOutput("Requesting access to device...");
@ -151,13 +151,17 @@ document.getElementById("goButton").addEventListener("click", async () => {
} else if (payloadType === "fusee") { } else if (payloadType === "fusee") {
payload = fusee; payload = fusee;
} else if (payloadType === "sx os") { } else if (payloadType === "sx os") {
payload = sx; payload = sx;
} else if (payloadType === "ReiNX") {
payload = ReiNX;
} else if (payloadType === "briccmii") { } else if (payloadType === "briccmii") {
payload = briccmii; payload = briccmii;
}
else if (payloadType === "uploaded") { } else if (payloadType === "uploaded") {
const file = document.getElementById("payloadUpload").files[0]; const file = document.getElementById("payloadUpload").files[0];
if (!file) { if (!file) {
alert("You need to upload a file, to use an uploaded file."); alert("You need to upload a file, to use an uploaded file.");
@ -165,7 +169,7 @@ document.getElementById("goButton").addEventListener("click", async () => {
} }
logOutput("Using uploaded payload \"" + file.name + "\""); logOutput("Using uploaded payload \"" + file.name + "\"");
payload = new Uint8Array(await readFileAsArrayBuffer(file)); payload = new Uint8Array(await readFileAsArrayBuffer(file));
} else { } else {
logOutput("<span style='color:red'>You're trying to load a payload type that doesn't exist.</span>"); logOutput("<span style='color:red'>You're trying to load a payload type that doesn't exist.</span>");
return; return;
@ -201,7 +205,7 @@ function onSelectChange() {
function openInfo() { function openInfo() {
if(document.getElementById("infodiv").innerHTML != "") { if(document.getElementById("infodiv").innerHTML != "") {
document.getElementById("infodiv").innerHTML = ""; document.getElementById("infodiv").innerHTML = "";
} }
} }
@ -210,4 +214,4 @@ function openInstructions() {
if(document.getElementById("infodiv").innerHTML != "") { if(document.getElementById("infodiv").innerHTML != "") {
document.getElementById("infodiv").innerHTML = ""; document.getElementById("infodiv").innerHTML = "";
} }
} }
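Review bot: The new `payloadType === "ReiNX"` branch assigns `payload = ReiNX`, but nothing visible in this commit says where that byte array comes from or how to check it. It is presumably defined in the file whose diff is suppressed as too long, so the embedded binary cannot be reviewed on this page. Because the selected payload is what the page goes on to send to the attached device, I would record the upstream release and a digest next to the definition, for example `// ReiNX <upstream release tag>, sha256: <digest of the published payload file>`, so a later reader can compare the embedded bytes with the published build. The click handler starts and ends outside these hunks.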

File diff suppressed because one or more lines are too long