WinJPEGAdminExp_MS04-028.sh

Submitted: 2004-09-23
Submitted by: dav1d
Tool category: Exploit program
Platform: Windows
Tool size: 7801 Bytes
File MD5: 4ccd3fc1a99d5c563e7f920f141ff973
Tool source: K-otik

# MS04-028 Exploit PoC II with Shellcode: CreateUser X in Administrators Group
#
# Tested on:
# WinXP Professional English SP1 - GDIPLUS.DLL version 5.1.3097.0
# WinXP Professional Italian SP1 - GDIPLUS.DLL version 5.1.3101.0
# (SP2 is not vulnerable, don't waste your time trying this exploit on it!)
#
# Usage:
# first, replace the "\xCC" = INT3 instruction at beginning of shellcode
# second, choose a right ret address for GDI+ DLL and WinXP version
# then, create crafted JPEG with: sh ms04-028.sh > img.jpg
#
# Created by:
# Elia Florio
# (heap overflow study purpose, not for lamerz, not for script-kiddie)
#
# Thanx to:
# jerome.athias
# metasploit.org
# idefense
# full-disclosure list