- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 3635
- Проверка EDB
-
- Пройдено
- Автор
- TRIRAT PUTTARAKSA
- Тип уязвимости
- REMOTE
- Платформа
- WINDOWS
- CVE
- cve-2007-1765 cve-2007-0038
- Дата публикации
- 2007-04-01
Код:
Microsoft ANI Buffer Overflow Exploit
Author: Trirat Puttaraksa
http://sf-freedom.blogspot.com
Tested on: Windows XP SP2 fully patched + IE 6 SP2
For educational purpose only
There are many confuses about this vulnerability. Someone said that this could
not be exploited in XP SP2 - that's wrong. I provide this exploit because I
wanna to tell these people that they are in danger.
This exploit will call calc.exe (shellcode fome metasploit win32_exec
CMD=calc.exe EXITFUNC=process).
P.S. I do not include the source code for generate the .ani file because of
its damage. However, if you reverse engineer .ani file, you will know how
could I produce this exploit in 10 minutes.
I will describe this vulnerability and how to exploit it in my blog
after M$ released patch.
greets: used SkyLined's idea of exploitation. tnx to him.
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/3635.zip (04012007-ani.zip)
# milw0rm.com [2007-04-01]- Источник
- www.exploit-db.com
