Microsoft ANI Buffer Overflow Exploit

Author: Trirat Puttaraksa
http://sf-freedom.blogspot.com

Tested on: Windows XP SP2 fully patched + IE 6 SP2

For educational purposes only

There is a lot of confusion about this vulnerability. Someone said that this
could not be exploited in XP SP2 - that's wrong. I provide this exploit because
I want to tell these people that they are in danger.
This exploit will call calc.exe (shellcode from Metasploit win32_exec
CMD=calc.exe EXITFUNC=process).

P.S. I do not include the source code for generating the .ani file because of
its damage. However, if you reverse engineer the .ani file, you will know how
I could produce this exploit in 10 minutes.

I will describe this vulnerability and how to exploit it in my blog
after M$ releases the patch.

greets: used SkyLined's idea of exploitation. tnx to him.

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/3635.zip (04012007-ani.zip)

# milw0rm.com [2007-04-01]