[Full-disclosure] Exploiting 'Non-Critical' Media Player Vulnerabilities for Fun and Profit [Perl Version of MS06-006 Exploit]

---

• From: Matthew Murphy <mattmurphy@xxxxxxxxx>
• Date: Wed, 22 Feb 2006 00:33:01 -0600

---

-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

After hearing a few thousand complaints from people who lost the
function of the exploit I previously released because of problems
interpreting special characters in the attached HTML file (and bad
cut-and-paste jobs by exploit DBs), I've produced a Perl version of the
code. Of note is that the Perl version rips a page from the Metasploit
book and allows pluggable shellcode. A run-of-the-mill shellcode with
the same function of that in the original exploit is distributed with
the tool.

It's not functionally any different (in terms of how the actual attack
works) but the HTML is generated locally rather than shipped through
e-mail gateways in raw form.

For usage instructions and obligatory legal information, read the
comments in the code.

In the event the attached ZIP is stripped by (overzealous) gateway
filters, you can also obtain a copy at:

http://student.missouristate.edu/m/matthew007/research/wmp-plugin/wmp-profiteer.zip

To obtain the PGP signature, just append ".asc" to that URL:

http://student.missouristate.edu/m/matthew007/research/wmp-plugin/wmp-profiteer.zip.asc

- --
"Social Darwinism: Try to make something idiot-proof,
nature will provide you with a better idiot."

-- Michael Holstein

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
Comment: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB5444D38

iD8DBQFD/AWcfp4vUrVETTgRAzm6AJ0XqpEKP6QyAx35EyjLANcByZdR2ACgrShB
ZcF2o2M594tDPsQdMiaFGcc=
=CC0r
-----END PGP SIGNATURE-----

Attachment: wmp-profiteer.zip
Description: Zip compressed data

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
Comment: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB5444D38

iD8DBQBD+//dfp4vUrVETTgRAi24AJ4o4ap4nvggyFUaT1HppCr5U6FL1ACdHtR+
blQboX5MjFd6g9kmi9msn3I=
=S9ip
-----END PGP SIGNATURE-----

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

---

• Prev by Date: [Full-disclosure] What is the state of vulnerability research? (now in spam flavor)
• Next by Date: [Full-disclosure] InqTana Through the eyes of Dr. Frankenstein.
• Previous by thread: [Full-disclosure] What is the state of vulnerability research? (now in spam flavor)
• Next by thread: [Full-disclosure] InqTana Through the eyes of Dr. Frankenstein.
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: TV: Tiernanny (Vox) ... > Version: GnuPG v1.4.2 (MingW32) ... > gruß Birgit ... Next by Date: ... (de.rec.tiere.hunde) Re: OT Signaturtest ... > Version: GnuPG v1.4.2 (MingW32) ... Prev by Date: ... Next by Date: ... (de.rec.tiere.hunde) Re: OT Signaturtest ... > Version: GnuPG v1.4.2 (MingW32) ... Prev by Date: ... Next by Date: ... (de.rec.tiere.hunde) Re: OT Signaturtest ... > Hash: SHA1 ... > Gruß Birgit ... > Version: GnuPG v1.4.2 (MingW32) ... (de.rec.tiere.hunde)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > Full-Disclosure  > 2006-02