RobolImport 1.2.0.72 - 拒绝服务漏洞 (PoC) 漏洞概述 漏洞标题: RobolImport 1.2.0.72 - Denial of Service (PoC) EDB-ID: 45382 作者: Gionathan "John" Reale 类型: DOS (拒绝服务) 平台: Windows XP 日期: 2018-09-12 受影响版本: 1.2.0.72 测试环境: Windows 7 32-bit 影响范围 受影响软件: RobolImport 受影响平台: Windows XP 漏洞类型: 拒绝服务 (Denial of Service) 修复方案 官方链接: RobolImport安装程序 建议: 更新到最新版本或联系厂商获取补丁。 POC代码 ```python Exploit Title: RobolImport 1.2.0.72 - Denial of Service (PoC) Author: Gionathan "John" Reale Discovery Date: 2018-09-11 Software Link: http://www.picsjet.com/download/RobolImportInstall.exe Tested Version: 1.2.0.72 Tested on OS: Windows 7 32-bit Steps to Reproduce: Run the python exploit script, it will create a new file with the name "exploit.txt". Copy the content from "exploit.txt". Now start the program. Now paste the contents of "exploit.txt" into the fields: 'Registration Name' & 'Registration Key' Click the "Register" button and you will see a crash! #!/usr/bin/python Exploit Title: RobolImport 1.2.0.72 - Denial of Service (PoC) Author: Gionathan "John" Reale Discovery Date: 2018-09-11 Software Link: http://www.picsjet.com/download/RobolImportInstall.exe Tested Version: 1.2.0.72 Tested on OS: Windows 7 32-bit Steps to Reproduce: Run the python exploit script, it will create a new file with the name "exploit.txt". Copy the content from "exploit.txt". Now start the program. Now paste the contents of "exploit.txt" into the fields: 'Registration Name' & 'Registration Key' Click the "Register" button and you will see a crash! #!/usr/bin/python Exploit Title: RobolImport 1.2.0.72 - Denial of Service (PoC) Author: Gionathan "John" Reale Discovery Date: 2018-09-11 Software Link: http://www.picsjet.com/download/RobolImportInstall.exe Tested Version: 1.2.0.72 Tested on OS: Windows 7 32-bit Steps to Reproduce: Run the python exploit script, it will create a new file with the name "exploit.txt". Copy the content from "exploit.txt". Now start the program. Now paste the contents of "exploit.txt" into the fields: 'Registration Name' & 'Registration Key' Click the "Register" button and you will see a crash! #!/usr/bin/python Exploit Title: RobolImport 1.2.0.72 - Denial of Service (PoC) Author: Gionathan "John" Reale Discovery Date: 2018-09-11 Software Link: http://www.picsjet.com/download/RobolImportInstall.exe Tested Version: 1.2.0.72 Tested on OS: Windows 7 32-bit Steps to Reproduce: Run the python exploit script, it will create a new file with the name "exploit.txt". Copy the content from "exploit.txt". Now start the program. Now paste the contents of "exploit.txt" into the fields: 'Registration Name' & 'Registration Key' Click the "Register" button and you will see a crash! #!/usr/bin/python Exploit Title: RobolImport 1.2.0.72 - Denial of Service (PoC) Author: Gionathan "John" Reale Discovery Date: 2018-09-11 Software Link: http://www.picsjet.com/download/RobolImportInstall.exe Tested Version: 1.2.0.72 Tested on OS: Windows 7 32-bit Steps to Reproduce: Run the python exploit script, it will create a new file with the name "exploit.txt". Copy the content from "exploit.txt". Now start the program. Now paste the contents of "exploit.txt" into the fields: 'Registration Name' & 'Registration Key' Click the "Register" button and you will see a crash! #!/usr/bin/python Exploit Title: RobolImport 1.2.0.72 - Denial of Service (PoC) Author: Gionathan "John" Reale Discovery Date: 2018-09-11 Software Link: http://www.picsjet.com/download/RobolImportInstall.exe Tested Version: 1.2.0.72 Tested on OS: Windows 7 32-bit Steps to Reproduce: Run the python exploit script, it will create a new file with the name "exploit.txt". Copy the content from "exploit.txt". Now start the program. Now paste the contents of "exploit.txt" into the fields: 'Registration Name' & 'Registration Key' Click the "Register" button and you will see a crash! #!/usr/bin/python Exploit Title: RobolImport 1.2.0.72 - Denial of Service (PoC) Author: Gionathan "John" Reale Discovery Date: 2018-09-11 Software Link: http://www.picsjet.com/download/RobolImportInstall.exe Tested Version: 1.2.0.72 Tested on OS: Windows 7 32-bit Steps to Reproduce: Run the python exploit script, it will create a new file with the name "exploit.txt". Copy the content from "exploit.txt". Now start the program. Now paste the contents of "exploit.txt" into the fields: 'Registration Name' & 'Registration Key' Click the "Register" button and you will see a crash! #!/usr/bin/python Exploit Title: RobolImport 1.2.0.72 - Denial of Service (PoC) Author: Gionathan "John" Reale Discovery Date: 2018-09-11 Software Link: http://www.picsjet.com/download/RobolImportInstall.exe Tested Version: 1.2.0.72 Tested on OS: Windows 7 32-bit Steps to Reproduce: Run the python exploit script, it will create a new file with the name "exploit.txt". Copy the content from "exploit.txt". Now start the program. Now paste the contents of "exploit.txt" into the fields: 'Registration Name' & 'Registration Key' Click the "Register" button and you will see a crash! #!/us