Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: VLC media player MKV Parsing POC
From: kaveh ghaemmaghami <kavehghaemmaghami () googlemail com>
Date: Wed, 10 Jul 2013 13:45:49 +0430

You're either lazy

i did

i  really don't appreciate your troll (with out any investigation
and analysis )

On Wed, Jul 10, 2013 at 3:03 AM, kaveh ghaemmaghami <
kavehghaemmaghami () googlemail com> wrote:

Hello list,
regarding to nonsense VLC post

http://www.jbkempf.com/blog/post/2013/More-lies-from-Secunia?pub=0#pr

1.we said that this was a crash, not an exploitable security issue

and funny publication Comment

You forget to mention most important thing: If Secunia Research is
professional, why don't they provide you with working exploit? (in example
EIP = 0x41414141) I'm sure company like VUPEN would do just that to prove
they point. Isn't worth to point out on other sites? (e.g. netsec)
I really like this https://twitter.com/Secunia/status/...<https://twitter.com/Secunia/status/337140449712156672>
 you can spot _two_ lies - first they don't find ANY vuln, second their
lying about timeframe.


Here is your VUPEN  0x41414141


ModLoad: 64fb0000 650d8000   C:\Program Files
(x86)\VideoLAN\VLC\plugins\demux\libmkv_plugin.dll

(be8.f0c): Access violation - code c0000005 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
eax=02b92a18 ebx=00890000 ecx=41414141 edx=00100000 esi=02bccbd8
edi=00890178
eip=77163fbb esp=04d1f324 ebp=04d1f348 iopl=0         nv up ei ng nz na po
cy
cs=0023  ss=002b  ds=002b  es=002b  fs=0053  gs=002b
efl=00010283
ntdll!RtlImageNtHeader+0xe37:
77163fbb 8b11            mov     edx,dword ptr [ecx]
 ds:002b:41414141=????????

0:010> g

(be8.f0c): Access violation - code c0000005 (!!! second chance !!!)
eax=02b92a18 ebx=00890000 ecx=41414141 edx=00100000 esi=02bccbd8
edi=00890178
eip=77163fbb esp=04d1f324 ebp=04d1f348 iopl=0         nv up ei ng nz na po
cy
cs=0023  ss=002b  ds=002b  es=002b  fs=0053  gs=002b
efl=00010283
ntdll!RtlImageNtHeader+0xe37:
77163fbb 8b11            mov     edx,dword ptr [ecx]
 ds:002b:41414141=????????

0:010> r ecx

ecx=41414141

0:010> d ecx
41414141  ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??  ????????????????
41414151  ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??  ????????????????
41414161  ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??  ????????????????
41414171  ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??  ????????????????
41414181  ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??  ????????????????
41414191  ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??  ????????????????
414141a1  ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??  ????????????????
414141b1  ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??  ????????????????

POC included

Stay Secure

Regards
Kaveh

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]