Author archive: ysrfind

Eureka Email 2.2q ERR Remote Buffer Overflow Exploit

========================================= victim : windows xp sp3 CHINESE OS : bt5 (ip : 192.168.94.141) —————————————– this is the app and vuln info, and it did not work on my victim before i modified it ========================================= 01a

Posted in Uncategorized | Comments Off on Eureka Email 2.2q ERR Remote Buffer Overflow Exploit

exploit work in my victim PART 3

================================= VICTIM : WINDOWS XP SP3 EN ================================= find out jmp esp address =================================

Posted in Uncategorized | Comments Off on exploit work in my victim PART 3

Mini-stream RM-MP3 Converter v3.1.2.2 Local Buffer Overflow (2)

*************************** victim : windows XP sp3 EN *************************** for more detail , please view http://netsec.ccert.edu.cn/hacking/2012/09/03/mini-stream-rm-mp3-converter-v3-1-2-2-local-buffer-overflow/ this is victim =========================== v1 =========================

Posted in Uncategorized | Comments Off on Mini-stream RM-MP3 Converter v3.1.2.2 Local Buffer Overflow (2)

Mini-stream RM-MP3 Converter v3.1.2.2 Local Buffer Overflow—- write my own exp

============================ attacker : bt5 r2 victim : win XP sp3 (CHINESE) ============================ here is the exploit info , the exp does not work on my own victim ************************************************ 1 ************************************************

Posted in Uncategorized | Comments Off on Mini-stream RM-MP3 Converter v3.1.2.2 Local Buffer Overflow—- write my own exp

exploit work in my victim PART 2

##################################### i want to get a shellcode , i can also see that ESP seems to point to the C’s , i don’t know for sure that the first C , at address 00ff730 , is where ESP points at . … Continue reading

Posted in Uncategorized | Comments Off on exploit work in my victim PART 2

exploit work in my victim PART 1

why i test this: because it does not work on my victim os : —————————- backtrack 5 R2 windows xp (CHINESE) ———————-

Posted in Uncategorized | Comments Off on exploit work in my victim PART 1

blog_view_all_20120806

http://x73.cc/how-to-metasploit-db_autopwn-with-postgresql.html http://zhaoxiaobu.blog.51cto.com/878176/d-5 http://hi.baidu.com/664169240/blog/index/1

Posted in Uncategorized | Comments Off on blog_view_all_20120806

something_may_future_use_20120806

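http://www.lengmo.net/post/1293/#entrymore Network penetration tool reDuh (webshell pivot): brief usage notes. This tool forwards the ports of an internal-network server to the local machine through an http/https tunnel, forming a connected loop. It is used to connect to ports open inside the target server when the target server sits on an internal network or has a port policy applied.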

Posted in Uncategorized | Comments Off on something_may_future_use_20120806

video-evil_deb

video already uploaded to dropbox. you can replace it with any *.deb , we mean the source *.deb . most importantly , many linux users run without anti-virus

Posted in Uncategorized | Comments Off on video-evil_deb

windows/fileformat/adobe_utilprint

C this poc was written for educational purposes only. use it at your own risk. Author will not be responsible for any. ========================================= victim : bt5 r2 attack m : win xp Chinese sp3 =================rc======================== use windows/fileformat/adobe_utilprint set payload windows/meterpreter/reverse_tcp … Continue reading

Posted in Uncategorized | Comments Off on windows/fileformat/adobe_utilprint