鬼仔's Blog

文章作者：Eros412
信息来源：邪恶八进制信息安全团队（www.eviloctal.com）

MS Bulletin : http://www.microsoft.com/technet/security/Bulletin/MS08-066.mspx

**********计算IoControlCode过程**********
阅读全文 »

Hi,

I have just uploaded a k-plugin for Kartoffel, which exploits a flaw
patched in the recent MS08-066 bulletin.

http://kartoffel.reversemode.com/downloads.php
backup: http://milw0rm.com/sploits/2008-afd_plugin.zip
阅读全文 »

鬼仔：提权很好用，直接system。文章末尾贴个TR那里的测试图。
编译好的：http://www.blogjava.net/Files/baicker/Churrasco.rar （via 009）

From：http://nomoreroot.blogspot.com/2008/10/windows-2003-poc-exploit-for-token.html

It has been a long time since Token Kidnapping presentation (http://www.argeniss.com/research/TokenKidnapping.pdf)
was published so I decided to release a PoC exploit for Win2k3 that alows to execute code under SYSTEM account.
阅读全文 »

#!/usr/bin/perl
#
#
# mIRC 6.34 Remote Buffer Overflow Exploit
# Exploit by SkD (skdrat <at> hotmail <.> com)
# ----------------------------------------
# A day's work of debugging and looking at mIRC.
#
# Tested on Windows XP SP3 English and Windows Vista SP0.
#
# Credits to securfrog for publishing the PoC.
#
# Author has no responsibility over the damage you do with this!
#
# Note: You might change the addresses for Vista ;)
#
# ----------------------------------------
阅读全文 »

EMR_COLORMATCHTOTARGETW stack buffer overflow exploit
By Ac!dDrop

This is one of the 2 Vulnerabilities of MS08-021

Tested on Windows xp professional SP1
GDi32.dll 5.1.2600.1106
kernel32.dll 5.1.2600.1106
ws2_32.dll 5.1.2600.0
阅读全文 »

MS Windows GDI+ .ico Remote Division By Zero

Application: GDIPLUS.DLL

Web Site: http://www.microsoft.com/

Platform: Windows *

Bug: Division By Zero

Tested agains: XP SP3 fully patched

Note: This have nothing to do with http://milw0rm.com/exploits/4044
-------------------------------------------------------
阅读全文 »