FileFuzz – Denial of Service

• Exploit Database
• 13 阅读

• 作者： Sweet
  日期： 2010-11-05
• 类别：

  • dos
  平台：

  • windows
• 来源：https://www.exploit-db.com/exploits/15429/

• Exploit Title :Filefuzzer Denial of service vulnerability
  Software : Filefuzzer
  Software link :http://labs.idefense.com/software/fuzzing.php
  Autor : Sweet
  Email : charif38@hotmail.fr
  Date: 5/11/2010
  Tested on : WinXp sp3 eng | Vmware
  Software detail: FileFuzz is a graphical Windows based devlopped by file format fuzzing tool . Devlopped by "IDefense Labs",
   FileFuzz was designed to automate the launching of applications and detection of
   exceptions caused by fuzzed file formats. compiled under Microsoft .NET 2.0
  Thx to : Inj3ct0r.com , shell-storm.org , exploit-db.com and 123 viva l'Algerie
  POC
  Setup the application to fuzz any kind of application you want , i just left everything by default 
  
  in Create menu
  File Type: "bkf - ntbackup.exe"
  Source file: "C:\Program Files\FileFuzz\Attack\test.bkf"
  Target Directory : "c:\fuzz\bkf\" #Create the directory if it's dosent existe
  
  in Execute menu
  Application: "C:\WINDOWS\system32\ntbackup.exe"
  Arguments: by default its "{0}" change it to "{A}" and presse execute wish will cause the application to crash