Full Disclosure mailing list archives
Exploiting 'Non-Critical' Media Player Vulnerabilities for Fun and Profit [Perl Version of MS06-006 Exploit]
From: Matthew Murphy <mattmurphy () kc rr com>
Date: Wed, 22 Feb 2006 00:33:01 -0600
After hearing a few thousand complaints from people who lost the function of the exploit I previously released because of problems interpreting special characters in the attached HTML file (and bad cut-and-paste jobs by exploit DBs), I've produced a Perl version of the code.

Of note is that the Perl version rips a page from the Metasploit book and allows pluggable shellcode. A run-of-the-mill shellcode with the same function of that in the original exploit is distributed with the tool. It's not functionally any different (in terms of how the actual attack works) but the HTML is generated locally rather than shipped through e-mail gateways in raw form.

For usage instructions and obligatory legal information, read the comments in the code.

In the event the attached ZIP is stripped by (overzealous) gateway filters, you can also obtain a copy at:

http://student.missouristate.edu/m/matthew007/research/wmp-plugin/wmp-profiteer.zip

To obtain the PGP signature, just append ".asc" to that URL:

http://student.missouristate.edu/m/matthew007/research/wmp-plugin/wmp-profiteer.zip.asc

--
"Social Darwinism: Try to make something idiot-proof, nature will provide you with a better idiot." -- Michael Holstein
Attachment:
wmp-profiteer.zip
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Exploiting 'Non-Critical' Media Player Vulnerabilities for Fun and Profit [Perl Version of MS06-006 Exploit] Matthew Murphy (Feb 21)