
Backdoor.Win32.NinjaSpy.c Remote Stack Buffer Overflow

Posted on 08 January 2021

Backdoor.Win32.NinjaSpy.c suffers from a remote stack buffer overflow vulnerability. The specimen drops a DLL named "cmd.dll" under C:\WINDOWS, which listens on both TCP ports 2003 and 2004. By sending consecutive HTTP PUT requests with large payloads of characters, we can cause a buffer overflow.
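For host triage, the two listening ports named above can be checked in saved `netstat -ano` output. The following is an added example, not part of the original advisory: it assumes English-locale netstat output, the function names are its own, and the sample text is constructed.

```python
import re

# Ports the advisory says the dropped cmd.dll listens on.
SUSPECT_PORTS = {2003, 2004}

# Matches a listening TCP row of Windows `netstat -ano` output (IPv4 or IPv6).
# Assumption: English-locale output, where the state column reads LISTENING.
_ROW = re.compile(
    r"^\s*TCP\s+(?P<local>\S+)\s+\S+\s+LISTENING\s+(?P<pid>\d+)\s*$",
    re.IGNORECASE,
)

def listeners_by_pid(netstat_text):
    """Map PID -> set of suspect ports that PID is listening on."""
    found = {}
    for line in netstat_text.splitlines():
        m = _ROW.match(line)
        if not m:
            continue
        # Local address is host:port; rpartition copes with [::]:2003.
        port = m.group("local").rpartition(":")[2]
        if port.isdigit() and int(port) in SUSPECT_PORTS:
            found.setdefault(int(m.group("pid")), set()).add(int(port))
    return found

def triage(netstat_text):
    """Return (pids_with_both_ports, pids_with_one_port), each sorted."""
    by_pid = listeners_by_pid(netstat_text)
    both = sorted(p for p, ports in by_pid.items() if ports == SUSPECT_PORTS)
    one = sorted(p for p, ports in by_pid.items() if ports != SUSPECT_PORTS)
    return both, one

# Constructed sample output, not captured from an infected host.
SAMPLE = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       904
  TCP    0.0.0.0:2003           0.0.0.0:0              LISTENING       3312
  TCP    0.0.0.0:2004           0.0.0.0:0              LISTENING       3312
  TCP    [::]:2004              [::]:0                 LISTENING       5120
  TCP    10.0.0.5:52003         10.0.0.9:443           ESTABLISHED     2210
  UDP    0.0.0.0:2003           *:*                                    1188
"""

if __name__ == "__main__":
    both, one = triage(SAMPLE)
    print("listening on 2003 and 2004:", both)
    print("listening on only one of them:", one)
```

A PID that holds both ports is the stronger signal; confirm it by checking whether that process has cmd.dll loaded, for example with `tasklist /m cmd.dll`.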

 
