Added by: A^C^E Date: 07.10.04 Time: 05:08:58 Category: Tools Source: http://seclists.org/lists/fulldisclosure/2004/Oct/0153.html Hello list, I wrote a very simple program/batch file that tests for the JPEG exploit, then if affected, provides instructions on how to patch the exploit. It has been tested on my own lil happy lab network, as well as one one network where I'm a sysadmin. (Tested on Windows XP Home and Pro, SP1a and SP2.) It DOES test for the exploit by attempting to use an "infected" JPG which downloads the instructions for fixing it, if exploited. By viewing the strings in the JPG, you can see the file it downloads and check it out for yourself. It's clean. =) Just contains a batch file and a program to launch the batch file. (The file that gets downloaded is a simple SFX.) Links are below. It contains a warning saying it's about to try to exploit the system and to save data in open programs. (It also warns that Explorer may crash.) I wrote this merely to save myself time and allow friends/family to test their own systems, then patch them without having to call me for help. It's not been tested in every environment and in every scenario. If you find a problem, feel free to email me (exploit _AT_ guidoz _DOT_ com) Obviously I'm not responsible if it's abused somehow, or if it breaks something, etc. Feel free to modify it to suit your own needs, but use it at your own risk. Test can be downloaded from here: http://www.guidoz.com/exploit-test.exe Again, it's just an SFX archive with a batch file. Hopefully it will save someone else some time. I've used it to have friends/family (and a few clients) patch a total of around 30 machines without problems. |
|小黑屋|最新主题|手机版|微赢网络技术论坛 ( 苏ICP备08020429号 )
GMT+8, 2024-9-29 23:25 , Processed in 0.165134 second(s), 12 queries , Gzip On, MemCache On.
Powered by Discuz! X3.5
© 2001-2023 Discuz! Team.