13th Jun, 2014 15:48
Last edited on 13th Jun, 2014 16:14
I have a question regarding CVE-2013-1954 - execute arbitrary code via a crafted ASF movie in VLC's ASF demuxer. If I wanted to use this vulnerability, what would be the first steps?
Don't be afraid, I don't want to do evil things (OK, everyone could say this). I have to explain the vulnerability in a course at university, and I have to explain it so that my fellow students can understand what happens and why this works. I don't want a step-by-step explanation. But if someone could give me any hints, that would be nice.
If I load an ASF file into VLC, the file is read by demux/asf/asf.c. Somewhere (but at a special position, I think?) in the ASF movie file I put my code that is to be executed. How should I prepare it? Obviously I have to put the string "/bin/sh" somewhere in the ASF file (probably in hexadecimal notation).
While reading (or processing) the movie file, VLC will run into trouble (and finally crash) and execute my smuggled code.
Thanks in advance