Location:
Search - FoxMail5
Search list
Description: FoxMail5.0漏洞利用。采用缓冲区溢出的shell编程,适合的版本:FoxMail5.0 ,FoxMail5.0 beta1及beta2.-FoxMail5.0 exploits. Using a buffer overflow shell programming, suitable Version : FoxMail5.0, FoxMail5.0 beta1 and beta2.
Platform: |
Size: 3530 |
Author: 王松 |
Hits:
Description: Foxmail 5远程缓冲区溢出漏洞
注:本文是2004年2月xfocus成员在内部技术交流中提出的,在此之前,启明星辰技术人员已经发现这一漏洞,但未公开细节,xfocus成员听说存在这一漏洞后对Foxmail进行分析,并写出利用代码。
测试环境:win2k sp4+foxmail 5.0.300
以前测试foxmail 4.x的时候曾经发现过溢出漏洞,不过后来一直没时间研究就先放下了,后来听说Foxmail5也有溢出,但是一直没有看见公布。于是没事的时候干脆自己研究一下,测试后发现以前的溢出漏洞已经补上了,不过出了一个新的漏洞。
问题出在PunyLib.dll里面的UrlToLocal函数,估计这是一个用来处理垃圾邮件的链接库,当一封邮件被判定为垃圾邮件时,就会调用UrlToLocal来处理邮件体的“From: ”字段,处理过程中发生堆栈溢出,可以导致执行任意代码。
-Foxmail 5 20042xfocusxfocusFoxmailby using code. Test environment : 5.0.300 win2k Explorer I tested before 4.x when I had found overflow vulnerabilities, but it was never on the first time down, and later also heard Foxmail5 overflow, but had not seen published. So nothing happened when they go out and look at the test and found the vulnerability in the past has been replaced, but a new one of the loopholes. The problem is that the inside of PunyLib.dll UrlToLocal function, which is estimated to handle a spam link library, when a mail is judged to be spam, they would call UrlToLocal to handle mail with a "From :" field, the processing stack overflow can lead to the implementation of the Italy code.
Platform: |
Size: 12975 |
Author: 丁兴全 |
Hits:
Description: foxmail邮箱密码破译,使用时请将
“Foxmail目录/mail/帐号名/Account.stg”文件里面的ESMTPPassword字段输入到对话框中,按下按钮即可出现原文
Platform: |
Size: 25544 |
Author: kingstarer |
Hits:
Description: FoxMail5.0漏洞利用。采用缓冲区溢出的shell编程,适合的版本:FoxMail5.0 ,FoxMail5.0 beta1及beta2.-FoxMail5.0 exploits. Using a buffer overflow shell programming, suitable Version : FoxMail5.0, FoxMail5.0 beta1 and beta2.
Platform: |
Size: 3072 |
Author: 王松 |
Hits:
Description: Foxmail 5远程缓冲区溢出漏洞
注:本文是2004年2月xfocus成员在内部技术交流中提出的,在此之前,启明星辰技术人员已经发现这一漏洞,但未公开细节,xfocus成员听说存在这一漏洞后对Foxmail进行分析,并写出利用代码。
测试环境:win2k sp4+foxmail 5.0.300
以前测试foxmail 4.x的时候曾经发现过溢出漏洞,不过后来一直没时间研究就先放下了,后来听说Foxmail5也有溢出,但是一直没有看见公布。于是没事的时候干脆自己研究一下,测试后发现以前的溢出漏洞已经补上了,不过出了一个新的漏洞。
问题出在PunyLib.dll里面的UrlToLocal函数,估计这是一个用来处理垃圾邮件的链接库,当一封邮件被判定为垃圾邮件时,就会调用UrlToLocal来处理邮件体的“From: ”字段,处理过程中发生堆栈溢出,可以导致执行任意代码。
-Foxmail 5 20042xfocusxfocusFoxmailby using code. Test environment : 5.0.300 win2k Explorer I tested before 4.x when I had found overflow vulnerabilities, but it was never on the first time down, and later also heard Foxmail5 overflow, but had not seen published. So nothing happened when they go out and look at the test and found the vulnerability in the past has been replaced, but a new one of the loopholes. The problem is that the inside of PunyLib.dll UrlToLocal function, which is estimated to handle a spam link library, when a mail is judged to be spam, they would call UrlToLocal to handle mail with a "From :" field, the processing stack overflow can lead to the implementation of the Italy code.
Platform: |
Size: 12288 |
Author: 丁兴全 |
Hits:
Description: foxmail邮箱密码破译,使用时请将
“Foxmail目录/mail/帐号名/Account.stg”文件里面的ESMTPPassword字段输入到对话框中,按下按钮即可出现原文-Foxmail mail code-breaking, when you use
Platform: |
Size: 25600 |
Author: kingstarer |
Hits:
Description: 《Q版黑客缓冲区溢出教程》源码
配合《Q版黑客缓冲区溢出教程.pdf》-《Q version buffer overflow hacking tutorial》 source
Platform: |
Size: 1983488 |
Author: 郭嵩 |
Hits:
Description: Q版缓冲区溢出源码 关于foxmail5.0的 5个-Q-buffer overflow source on foxmail5.0 5
Platform: |
Size: 16384 |
Author: asdf |
Hits: