关联漏洞
标题:
Hex Rays IDA Pro 安全漏洞
(CVE-2024-44083)
描述:Hex Rays IDA Pro是比利时Hex Rays公司的一个强大的反汇编器和一个多功能的调试器。常用于逆向工程。 Hex Rays IDA Pro 8.4及之前版本存在安全漏洞,该漏洞源于在处理具有许多跳转指令的代码节时,如果最终跳转对应于实际入口点将要调用的有效载荷,ida64.dll可能会崩溃。
描述
Makes IDA (all versions) to crash upon opening it.
介绍
# CVE-2024-44083
Crashes IDA (all versions) upon opening the malicious binary.
# Disclamer
This software is provided "as is" for educational and research purposes only. The author is not responsible for any damage, loss, or legal issues arising from the use or misuse of this software. By using this software, you agree to use it at your own risk and assume full responsibility for any consequences.
# How to use
- Install rust at https://www.rust-lang.org/.
- Compile the binary with ```cargo build```/```cargo build --release```.
- Run it by giving it the following arguments:
```--input {input_file}``` this is the path of the inputed file.
```--output {output_file}``` - this is the path of the saved output.
```--jumps {number_of_jumps}``` - this is the number of jumps that.
# Compatibility
This was tested for x86_64 PE binaries. meaning if you try it on another format, it might not work.
I do think that if some changes are made, it's possible to make this compatible with other architectures and executable formats.
文件快照
[4.0K] /data/pocs/9aa44435b5b0ff023b7149bafa5579f3a61c096d
├── [ 342] Cargo.toml
├── [1.0K] README.md
├── [4.0K] resources
│ └── [ 704] example.exe
├── [ 617] rustfmt.toml
└── [4.0K] src
└── [3.2K] main.rs
2 directories, 5 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。