20 lines
No EOL
810 B
Text
20 lines
No EOL
810 B
Text
********************************************************************************************
|
|
# Exploit Title: Xion Audio Player build 155 Stack Based BOF.
|
|
# Date: 8/19/2015
|
|
# Exploit Author: Un_N0n
|
|
# Software Vendor : http://www.xionplayer.com
|
|
# Software Link: http://www.xionplayer.com/page/download
|
|
# Version: 1.5 (Build 155)
|
|
# Tested on: Windows 7 x86(32 BIT)
|
|
********************************************************************************************
|
|
|
|
[Steps to Produce the Crash]:
|
|
1- open 'Xion.exe'.
|
|
2- Drag the malformed MP3 file into Xion Audio Player.
|
|
~ Software will Crash.
|
|
|
|
[Creating Malformed MP3 File?]:
|
|
>Replace the details of the legit MP3 file with large number of "A"s or any other random value.
|
|
|
|
|
|
********************************************************************************************** |