Vulnerability discovery
instruder
I'm a Vulnerability hunter!
alert("instruder")
CVE-2012-0759 Adobe Shockwave Player Director File Parsing KEY ATOM Pointer Overwrite
Discover: instruder of code audit labs of vulnhunt.com
CAL: CAL-2011-0055
CVE: CVE-2012-0759
1 Affected Products
=================
Test Version:
Adobe Shockwave Player 11.6.3.633
Adobe Shoc
Original · 2012-02-15 20:07:40 · 592 views · 0 comments
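Privilege escalation
A normal-privilege context that launches a high-privilege process without any verification is in itself a significant risk. Where privilege levels interact, problems arise easily.
Original · 2013-03-29 21:00:27 · 1254 views · 0 comments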
CVE-2013-0636
http://www.adobe.com/support/security/bulletins/apsb13-06.html
Original · 2013-02-18 12:20:48 · 1436 views · 0 comments
A crash bug in a Chrome plugin
https://code.google.com/p/chromium/issues/detail?id=127720&thanks=127720&ts=1336704072
Original · 2012-07-16 17:38:47 · 921 views · 0 comments
vul_sample
wchar_t * copy_data(wchar_t * string)
{
    wchar_t *sep,*new1;
    int size=32 *sizeof(wchar_t);
    new1 =(wchar_t *)malloc(size);
    *new1='\0';
    if (*string!='/')
    {
        wcscpy(new1,L"/");
        size-=sizeof(wchar
Original · 2012-05-19 22:11:34 · 636 views · 1 comment
HP_imc 5.1_E0202 imf.dll recv packets integer overflow
imf.dll version: HP_iMC_PLAT_5.1_E0202_Standard_Windows_HP_iMC_PLAT_5.1_E0202_Standard_Windows
Vulnerable assembly code:
.text:003B4083 mov ecx, [esi+38h]
.text:003B4086 mov eax, [ecx+eb
Original · 2012-05-20 20:51:43 · 974 views · 0 comments
Thoughts prompted by MS12-005: arbitrary code execution via embedded objects
http://blog.vulnhunt.com/index.php/2012/03/24/thinking_about-ms12-005/
Original · 2012-03-26 22:12:15 · 567 views · 0 comments
ALLPlayerEN 5.0 ehtrace.dll dll hijack Vulnerability
/*
Exploit Title: ALLPlayerEN 5.0 ehtrace.dll dll hijack Vulnerability
Date: 2012-3-25
Author: instruder
Software Link: http://www.allplayer.org/zh/download/allplayer
Version: ALLPlayerEN 5.0
Teste
Original · 2012-03-26 22:09:34 · 576 views · 0 comments
FeiQ 0day
Author: instruder of Code Audit Labs of vulnhunt.com
version: FeiQ 2.4 revised edition
// screen-shake (nudge) packet
00136A70 31 5F 6C 62 74 34 5F 30 23 31 33 31 23 30 30 31 1_lbt4_0#131#001
00136A80 42 32 34 35 37 30 39
Original · 2011-10-03 12:22:11 · 1215 views · 0 comments
CVE-2012-0758 Adobe Shockwave Player Parsing cupt atom heap overflow
Discover: instruder of code audit labs of vulnhunt.com
CAL: CAL-2011-0071
CVE: CVE-2012-0758
1 Affected Products
=================
adobe shockwave 11.6.3.633
adobe Shockwave 11.6.1.629 and p
Original · 2012-02-15 20:06:09 · 680 views · 0 comments
CVE-2011-2448 Adobe Shockwave Director File Parsing data of rcsl chunk multiple DOS vulnerabilities
Adobe Shockwave Player Director File Parsing data of rcsl chunk multiple DOS vulnerabilities
CAL_ID: CAL-2011-0054
CVE ID: CVE-2011-2448
Discover: instruder of code audit labs of vulnhunt.com
http
Original · 2011-11-09 20:29:01 · 488 views · 0 comments
QVOD strstr stack overflow
QVOD has an IE plugin: QvodInsert.dll, [CODE] something like this:
0C420048 48 54 54 50 2F 31 2E 31 20 33 30 32 20 46 6F 75 HTTP/1.1 302 Fou
0C420058 6E 64 0D 0A 53 65 72 76 65 72 3A 20 51 76 6F 64 nd..Server: Qvod
0
Original · 2011-08-03 21:31:25 · 994 views · 0 comments
KnFTP Server Directory Traversal delete any file Vulnerability
# Exploit Title: KnFTP Server Directory Traversal delete any file Vulnerability
# Date: 2011-09-17
# Author: instruder of Code Audit Labs of vulnhunt.com( 834858875 [at] qq [dot] com )
# Sof
Original · 2011-09-20 09:43:40 · 781 views · 0 comments
CVE-2011-2446 Adobe Shockwave Player Director File Parsing PAMM memory corruption vulnerability
[CAL-2011-0052] Adobe Shockwave Player Director File Parsing PAMM memory corruption vulnerability
CAL ID: CAL-2011-0052
CVE ID: CVE-2011-2446
Discover: instruder of code audit labs of vulnhunt.com
Original · 2011-11-09 20:27:16 · 747 views · 0 comments
Digging by eye
Bored. To be verified.
.text:1000C855 cycle_big: ; CODE XREF: sus_sub_1000C520+3D2j
.text:1000C855 push 1
.text:1000C857 mov ecx, ebx
.text:1000
Original · 2013-04-04 11:54:40 · 1533 views · 2 comments