Changeset 1539

Timestamp:

02/04/08 15:23:10 (8 months ago)

Author:

jose

Message:

[phoneyc]
add support for the Yahoo Jukebox ActiveX overflows
vuln module, exploit code

Files:

• phoneyc/trunk/ActiveX.py (modified) (2 diffs)
• phoneyc/trunk/modules/jscript/YahooJukebox.js (added)
• phoneyc/trunk/tests/5043.html (added)
• phoneyc/trunk/tests/5051.html (added)
• phoneyc/trunk/tests/5052.html (added)

phoneyc/trunk/ActiveX.py

@@ -57 +57 @@
-        self.clsid['DC07C721-79E0-4BD4-A89F-C90871946A31'] = GomWeb()
-        self.clsid['6054D082-355D-4B47-B77C-36A778899F48'] = Move()
+        self.clsid['22FD7C0A-850C-4A53-9821-0B0915C96139'] = YahooJukebox()
+        self.clsid['5F810AFC-BB5F-4416-BE63-E01DD117BD6C'] = YahooJukebox()
-
-        self.clsname = {}
@@ -389 +391 @@
-        self.description = 'Move Networks Upgrade Manager 1.x'
-
+class YahooJukebox(ActiveX):
+    def __init__(self):
+        self.js_src = self.load_js_src('YahooJukebox.js')
+        self.classname = 'YahooJukebox'
+        self.cve_id = ('CVE-NOMATCH', )
+        self.description = 'Yahoo! Music Jukebox 2.x'
+