Navigation

← Previous Changeset
Next Changeset →

Changeset 1458

Timestamp:

11/29/07 22:50:11 (9 months ago)

Author:

jose

Message:

support the RealPLayer exploit out there better
- return a version property
- properly stub out the Import() function
- add a CVE ID
we pretent to be an en-us browser

Files:

phoneyc/trunk/ActiveX.py (modified) (1 diff)
phoneyc/trunk/honeyclient.py (modified) (1 diff)
phoneyc/trunk/modules/jscript/RealPlayer.js (modified) (2 diffs)

Legend:

: Unmodified
: Added
: Removed
: Modified
: Copied
: Moved

phoneyc/trunk/ActiveX.py

r1451	r1458
35	35	self.clsname['PPlayer.XPPlayer.1'] = PPlayer()
36	36	self.clsname['IERPCTL.IERPCTL'] = RealPlayer()
	37	self.clsname['IERPCTL.IERPCTL.1'] = RealPlayer()
37	38
38	39	# set up the pure JScript version

phoneyc/trunk/honeyclient.py

r1457	r1458
139	139	navigator.appVersion="4.0 (compatible; MSIE 6.0; Windows NT 5.1)"
140	140	navigator.userAgent="Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"
	141	navigator.userLanguage = 'en-us';
141	142	var self = new object();
142	143	var productVersion = '';

phoneyc/trunk/modules/jscript/RealPlayer.js

r1444	r1458
1	1	// RealMedia RealPlayer Ierpplug.DLL ActiveX Control
2		//
	2	// CVE-2007-5601
3	3
4	4	function RealPlayer() {
…	…
12	12	add_alert('RealPlayer 10.5 ierpplug.dll overflow in PlayerProperty()');
13	13	}
	14	return("6.0.11.1");
14	15	}
15		this.Import=function(~~arg~~) {
16		if (arg.length > 1000) {
	16	this.Import=function(url, arg1, arg2, arg3) {
	17	if (arg1.length > 1000) {
17	18	add_alert('RealPlayer 10.5 ierpplug.dll overflow in Import()');
18	19	}