Developer: www.Indentix.com
Tested On: Windows Xp Pro Sp2 & Google Chrome browser 0.2.149.30.
By: Aodrulez.
This download manager crashes completely when the attached
specially crafted files' contents are copied to System clipboard.
So, if you craft a special HTML file as shown below, the link that
it generates completely kills Winget 3.0 remotely.
Usage:Start Winget, minimize its window & then open the html
file in a browser(fully tested on Google chrome) & then follow
onscreen intructions.This html file downloads a specially crafted
text file & renders its contents as a link.
Greetz fly out to:
1]LiquidWorm : For being so nice.....n guiding me.. :)
2]str0ke : For goin thru all my silly e-mails.
3]Amforked() : My mentor.
4]OSRT :- This is dedicated to all the members!
------------------------------------------------------------------
By: Aodrulez,
www.OrchidSeven.com,
aodrulez.blogspot.com.
Email: f3arm3d3ar@gmail.com
The Exploit:
-----------------------------------------------------------------------------
Aodrulez's Winget 3.0 Download Manager(Build 112) Remote DOS Exploit PoC.
Greetz Fly Out to: LiquidWorm,str0ke & Amforked().
No comments:
Post a Comment