GDI+ | 鬼仔's Blog

MS Windows GDI+ Proof of Concept (MS08-052) #2

2008/10/12 15:30 | 鬼仔 | 工具收集 | 1 个回复

-----------------------------------------------------------------------------------------
Operating System: XP SP2
Gdiplus.dll Version: 5.1.3102.2180

Credit:

John Smith,
Evil Fingers

GIF Template Reference: http://www.sweetscape.com/010editor/templates/files/GIFTemplate.bt

PoC Link: http://www.evilfingers.com/patchTuesday/MS08_052_GDI+_Vulnerability_ver2.txt

http://www.evilfingers.com/patchTuesday/PoC.php
========================================================================
阅读全文 »

Tags: GDI+, MS08-052

MS Windows GDI (EMR_COLORMATCHTOTARGETW) Exploit MS08-021

2008/10/03 18:25 | 鬼仔 | 工具收集 | 2 个回复

EMR_COLORMATCHTOTARGETW stack buffer overflow exploit
By Ac!dDrop

This is one of the 2 Vulnerabilities of MS08-021

Tested on Windows xp professional SP1
GDi32.dll 5.1.2600.1106
kernel32.dll 5.1.2600.1106
ws2_32.dll 5.1.2600.0
阅读全文 »

Tags: Exploit, GDI+, MS08-021

MS Internet Explorer GDI+ Proof of Concept (MS08-052)

2008/09/29 14:14 | 鬼仔 | 工具收集 | 5 个回复

<html>
<head>
<STYLE>
ef\:* { behavior: url(#default#VML); }
</STYLE>
</head>

<body>

<pre>
================================================
MS08-052: GDI+ Vulnerability
------------------------------------------------
Operating System: XP SP2
Internet Explorer Version: 6.0.2900.2180
Gdiplus.dll Version: 5.1.3102.2180
阅读全文 »

Tags: GDI+, GdiPlus.dll, MS08-052

MS Windows GDI+ (.ico File) Remote Division By Zero Exploit

2008/09/29 14:12 | 鬼仔 | 工具收集 | 消灭0回复

MS Windows GDI+ .ico Remote Division By Zero

Application: GDIPLUS.DLL

Web Site: http://www.microsoft.com/

Platform: Windows *

Bug: Division By Zero

Tested agains: XP SP3 fully patched

Note: This have nothing to do with http://milw0rm.com/exploits/4044
-------------------------------------------------------
阅读全文 »

Tags: Exploit, GDI+, GdiPlus.dll

MS08-052 WMF漏洞分析及漏洞测试

2008/09/26 15:29 | 鬼仔 | 技术文章 | 1 个回复

------by CuteK

一背景知识

由文件格式入手,来分析MS08-052漏洞, 并构造了一个可以使没有补丁的程序崩溃的图片,

1 WMF文件结构

--------------------------|
| 文件头 |
|-------------------------|
| 文件记录 |
|-------------------------|
|-------------------------|
| 文件记录 |
|-------------------------|
|-------------------------|
| 文件记录 |
|-------------------------|
阅读全文 »

Tags: GDI+, MS08-052, WMF

GDI+？MS04-028

2008/09/17 21:28 | 鬼仔 | 乱七八糟 | 32 个回复

update：是MS04-028，alert7大牛和Greysign大牛鉴定过了。不知道谁拿个MS04-028在群里发着玩，很多同学的杀软都报了。MS08-052好像不影响JPG，只影响VML、EMF、GIF、WMF、BMP。

今天下午卡巴突然弹出来提示框（当时没截图，从报告中找出来的）：

文件 X:\Program Files\Tencent\QQ\*****（我QQ）\image\{BA67DC3C-9090-445D-892B-8504175DBF8F}.JPG：检测到：木马程序 'Exploit.Win32.MS04-028.a'.

报的是MS04-028，也不知道到底是MS04-028还是MS08-052。

然后又从隔离区把这张图片给恢复出来，看看内容：
GDI+

ps：刚看到职业欠钱那里也遇到了这个东西，跟我这里一模一样。

Tags: GDI+, MS04-028, MS08-052

鬼仔's Blog

标签 ‘GDI+’ 下的日志

MS Windows GDI+ Proof of Concept (MS08-052) #2

MS Windows GDI (EMR_COLORMATCHTOTARGETW) Exploit MS08-021

MS Internet Explorer GDI+ Proof of Concept (MS08-052)

MS Windows GDI+ (.ico File) Remote Division By Zero Exploit

MS08-052 WMF漏洞分析及漏洞测试

GDI+？MS04-028

订阅更新

最新日志

最新评论

分类

标签云

按月归档