Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
myhack58佚名MYHACK58:62200612146
HistoryOct 06, 2006 - 12:00 a.m.

Seductive video 请君入瓮 parsing RealPlayer overflow vulnerability-vulnerability warning-the black bar safety net

2006-10-0600:00:00
佚名
www.myhack58.com
13
JSON

There is such a video, it is extremely tempting that you cannot resist its temptation, the click. In a burst of after waiting for, you will be aware of just to see just a“Mirage”, at this time, you have the best bottomless“urn”.

RealPlayer is everyone popular media player, the user very much, so it once the loopholes, there will be a lot of people attack. The previous RealPlayer Server had burst over a remote overflow vulnerability, making many film and television website was attacked. Nowadays, when everyone has forgotten the last of the vulnerability of the disaster brought the pain when a new version of RealPlayer has emerged overflow vulnerability.

Now, many“hackers”have been around the corner, looking forward to using RealPlayer overflow vulnerability, and practicing attack techniques, catch a few chickens, and keep after the time of the invasion…

Decryption vulnerability

“. smil”vulnerability allows RealPlayer“injured”

The occurrences of overflow vulnerabilities full name“RealNetworks RealPlayer . smil file handling buffer overflow loophole.” RealPlayer processing“. smil”file of some properties of the field, not for a copy operation of some string made a strict limit, so there is a buffer overflow vulnerability. The attacker can be carefully constructed“. smil”file make RealPlayer execute arbitrary malicious instructions, so that the invasion and control is the overflow’s computer.

Prompt:“. smil”file is RealPlayer a May player file formats at“. smil”file contains the actual movie file address, as well as some of the corresponding play set. When using RealPlayer to open this file, it will automatically connect file Real Video Link address and play the corresponding movie.

This vulnerability exists in RealPlayer’s various versions, affected versions include“Windows RealPlayer 10.5 (6.0.12.1040-1 0 5 6)”,“Windows RealPlayer 1 0, Windows RealOne Player v2 (6.0.11.853 - 8 7 2), Windows RealOne Player v2 (6.0.11.818 - 8 4 0)”and the like.

Vulnerability is how the formation of

First, we constructed a presence-overflow vulnerability“. smil”file. We don’t have to manually construct one“. smil”file, you want to know in the online a more simple, direct use of loopholes in the program. Download“. smil”overflow vulnerability to use the program “real.exe”(download address:http://www. qiangu. net/user/heibaisoft/tools/nuke/real- smil.rar a).

Brothers do not misuse chop wood work, prior to the invasion, we start to understand what real is how to attack.

Open a Command Prompt window, into the overflow where the program folder. Input“real.exe”see spill procedures use format, real format used for“real.exe ” it.

RealPlayer overflow and some time ago the popular image overflow is similar, is Mr. into a band overflow attacks function of the media files, here is a RealPlayer dedicated“. smil”video file, and therefore can be directly in the“real.exe”followed by a suffix named“. smil”file name. Enter here“real.exe test. smil”command and after execution you can generate one with the overflow to attack of the media file“test. smil”, as long as someone used a vulnerability exists in the Realplayer program to open this media file, it will cause overflow and automatically open the machine 1 3 5 7 9 port.

JSON