Message-ID: <43FC059D.8070706@kc.rr.com>
Date: Wed Feb 22 06:32:18 2006
From: mattmurphy at kc.rr.com (Matthew Murphy)
Subject: Exploiting 'Non-Critical' Media Player Vulnerabilities for Fun and Profit [Perl Version of MS06-006 Exploit]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

After hearing a few thousand complaints from people who lost the
function of the exploit I previously released because of problems
interpreting special characters in the attached HTML file (and bad
cut-and-paste jobs by exploit DBs), I've produced a Perl version of the
code.  Of note is that the Perl version rips a page from the Metasploit
book and allows pluggable shellcode.  A run-of-the-mill shellcode with
the same function of that in the original exploit is distributed with
the tool.

It's not functionally any different (in terms of how the actual attack
works) but the HTML is generated locally rather than shipped through
e-mail gateways in raw form.

For usage instructions and obligatory legal information, read the
comments in the code.

In the event the attached ZIP is stripped by (overzealous) gateway
filters, you can also obtain a copy at:

http://student.missouristate.edu/m/matthew007/research/wmp-plugin/wmp-profiteer.zip

To obtain the PGP signature, just append ".asc" to that URL:

http://student.missouristate.edu/m/matthew007/research/wmp-plugin/wmp-profiteer.zip.asc

- --
"Social Darwinism: Try to make something idiot-proof,
nature will provide you with a better idiot."

                                -- Michael Holstein

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
Comment: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB5444D38

iD8DBQFD/AWcfp4vUrVETTgRAzm6AJ0XqpEKP6QyAx35EyjLANcByZdR2ACgrShB
ZcF2o2M594tDPsQdMiaFGcc=
=CC0r
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: wmp-profiteer.zip
Type: application/x-zip-compressed
Size: 2120 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060222/abbe880b/wmp-profiteer.bin
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: wmp-profiteer.zip.asc
Url: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060222/abbe880b/wmp-profiteer.zip.ksh
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3436 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060222/abbe880b/smime.bin
