
ERROR SUCCESS

Code to mitigate IE STYLE zero-day

/*
 * DllUnregisterServer - unregistration export of the mitigation DLL.
 *
 * The visible part walks the registry one level at a time with RegOpenKeyW:
 *   HKLM\SOFTWARE\Classes\CLSID -> IEBSFIX1_CLSID_W -> InprocServer32
 *
 * NOTE(review): this excerpt is cut off in the middle of the third
 * RegOpenKeyW call, so the removal logic, the return value and the handle
 * cleanup are not shown. Confirm that every handle opened successfully
 * (hkey, hkey2 and presumably hkey3) is released with RegCloseKey on all
 * paths, including the failure branches.
 */
STDAPI DllUnregisterServer()
{
        HKEY                    hkey, hkey2, hkey3;

        /* Level 1: the machine-wide COM class table. */
        if ( RegOpenKeyW( HKEY_LOCAL_MACHINE, L"SOFTWARE\\"
                L"Classes\\CLSID", &hkey ) == ERROR_SUCCESS )
        {
                /* Level 2: this component's own CLSID entry
                 * (IEBSFIX1_CLSID_W is defined outside this excerpt). */
                if ( RegOpenKeyW( hkey, IEBSFIX1_CLSID_W,
                        &hkey2 ) == ERROR_SUCCESS )
                {
                        /* Level 3: the in-process server registration
                         * under that CLSID; the call continues past the
                         * end of the excerpt. */
                        if ( RegOpenKeyW( hkey2, L"InprocServer32",

Kingsoft WebShield KAVSafe.sys <= 2010.4.14.609(2010.5.23) Kernel Mode Local Privilege Escalation Vulnerability

/* Out-parameters for the registry query below; datasize is passed in as the
 * capacity of the destination buffer, in bytes (MAX_PATH wide characters). */
DWORD datatype ;
DWORD datasize = MAX_PATH * sizeof(WCHAR);
/* oldlen and pOldBufferData are not used in the visible lines. */
ULONG oldlen ;
PVOID pOldBufferData = NULL ;
 
/* Presence check: open the product's key under HKLM.
 * NOTE(review): RegOpenKey is the TCHAR macro and is given a narrow literal,
 * while the value query below uses the explicit W variant, so this only
 * compiles in a non-UNICODE build. hkey is declared outside this excerpt. */
if (RegOpenKey(HKEY_LOCAL_MACHINE , "SOFTWARE\\Kingsoft\\KSWSVC", &hkey) == ERROR_SUCCESS)
{
/* Read the "ProgramPath" value into InstallPath (declared outside this
 * excerpt; presumably WCHAR[MAX_PATH] - confirm against datasize).
 * NOTE(review): RegQueryValueExW does not guarantee a terminating NUL, and
 * datatype is not checked against REG_SZ in the visible lines. */
if (RegQueryValueExW(hkey , L"ProgramPath" , NULL , &datatype , (LPBYTE)InstallPath , &datasize) != ERROR_SUCCESS)
{
/* Query failed: release the key and report that the product is absent.
 * The excerpt ends here; the rest of the branch is not shown. */
RegCloseKey(hkey);
printf("KSWebShield not installed\n");

Kingsoft WebShield KAVSafe.sys <= 2010.4.14.609(2010.5.23) Kernel Mode Local Privilege Escalation Vulnerability

        /* Out-parameters for the registry query below; datasize is passed in
         * as the capacity of the destination buffer, in bytes (MAX_PATH wide
         * characters). */
        DWORD datatype ; 
        DWORD datasize = MAX_PATH * sizeof(WCHAR);
        /* oldlen and pOldBufferData are not used in the visible lines. */
        ULONG oldlen ;
        PVOID pOldBufferData = NULL ; 

        /* Presence check: open the product's key under HKLM.
         * NOTE(review): RegOpenKey is the TCHAR macro and is given a narrow
         * literal, while the value query below uses the explicit W variant,
         * so this only compiles in a non-UNICODE build. hkey is declared
         * outside this excerpt. */
        if (RegOpenKey(HKEY_LOCAL_MACHINE , "SOFTWARE\\Kingsoft\\KSWSVC", &hkey) == ERROR_SUCCESS)
        {
                /* Read the "ProgramPath" value into InstallPath (declared
                 * outside this excerpt; presumably WCHAR[MAX_PATH] - confirm
                 * against datasize).
                 * NOTE(review): RegQueryValueExW does not guarantee a
                 * terminating NUL, and datatype is not checked against
                 * REG_SZ in the visible lines. */
                if (RegQueryValueExW(hkey , L"ProgramPath" , NULL , &datatype , (LPBYTE)InstallPath , &datasize) != ERROR_SUCCESS)
                {
                        /* Query failed: release the key and report that the
                         * product is absent. The excerpt ends here; the rest
                         * of the branch is not shown. */
                        RegCloseKey(hkey);
                        printf("KSWebShield not installed\n");

CORE-2010-0514: XnView MBM Processing Heap Overflow

A 0  SS 0023 32bit 0(FFFFFFFF)
Z 0  DS 0023 32bit 0(FFFFFFFF)
S 0  FS 0038 32bit 7FFDA000(FFF)
T 0  GS 0000 NULL
D 0
O 0  LastErr ERROR_SUCCESS (00000000)
EFL 00000206 (NO,NB,NE,A,NS,PE,GE,G)
ST0 empty -UNORM BC50 00000200 0014BC50
ST1 empty +UNORM 0014 000800EC 0049ECC0
ST2 empty +UNORM 4720 0012EF38 00000000
ST3 empty +UNORM 4730 01010052 00000014

AlleyCode SEH overflow POC

A 0  SS 0023 32bit 0(FFFFFFFF)
Z 1  DS 0023 32bit 0(FFFFFFFF)
S 0  FS 003B 32bit 7FFDD000(FFF)
T 0  GS 0000 NULL
D 0
O 0  LastErr ERROR_SUCCESS (00000000)
EFL 00010246 (NO,NB,E,BE,NS,PE,GE,LE)
ST0 empty -UNORM 9FF2 0000000C 0012FBC4
ST1 empty -3.8474706309670431820e-4535
ST2 empty 3.9878918856663954540e-2331
ST3 empty +UNORM 00C3 00000000 00000084

BulletProof FTP Client Buffer Overflow (SEH)

A 0  SS 0023 32bit 0(FFFFFFFF)
Z 1  DS 0023 32bit 0(FFFFFFFF)
S 0  FS 003B 32bit 7FFDF000(FFF)
T 0  GS 0000 NULL
D 0
O 0  LastErr ERROR_SUCCESS (00000000)
EFL 00010246 (NO,NB,E,BE,NS,PE,GE,LE)
ST0 empty -??? FFFF 00FF00FF 00FF00FF
ST1 empty -??? FFFF 00FF00FF 00FF00FF
ST2 empty -??? FFFF 000000F3 00F300F3
ST3 empty -??? FFFF 000000F3 00F300F3

[Kil13r-SA-20100513] Adobe Flash Player 10.0 Denial Of Service Vulnerability

A 0  SS 0023 32bit 0(FFFFFFFF)
Z 0  DS 0023 32bit 0(FFFFFFFF)
S 0  FS 003B 32bit 7FFD9000(FFF)
T 0  GS 0000 NULL
D 0
O 0  LastErr 00000000 ERROR_SUCCESS
EFL 00250202 (NO,NB,NE,A,NS,PO,GE,G)
...

The rest is omitted.
For more information see Proof of Concept screen shot.


