Download
Exploit Code :
Download:
http://www.exploit-db.com/sploits/safari_parent_close_sintsov.zip
Unzip and run START.htm
This exploit use JIT-SPRAY for DEP and ASLR bypass.
jit-shellcode: system("notepad")
0day.html - use 0x09090101 address for CALL JITed shellcode.
START.htm -> iff.htm -> if1.htm -> 0day.html
| |
| |
JIT-SPRAY parent.close();
0x09090101 - JITed * ESI=0x09090101
shellcode * CALL ESI
By Alexey Sintsov
from
Digital Security Research Group
[www.dsecrg.com]
Safari 4.0.5 parent.close() Memory Corruption exploit (w/ASLR and DEP bypass)
- Safari 4.0.5 parent.close() Memory Corruption exploit (w/ASLR and DEP bypass)
- Unknown
- May 17, 2010
- No comments:
Subscribe to:
Post Comments (Atom)
0 comments:
Post a Comment
silahkan tinggalkan komentar anda disini .. :D