Thursday, 18 October 2012

VLC Media Player 2.0.3 - .AVI DoS POC

VLC media player (2.0.3 Twoflower) - .AVI DoS Exploit:

!exploitable result:

Exploitability Classification: UNKNOWN
Recommended Bug Title: Data from Faulting Address controls Branch Selection starting at KERNELBASE!lstrlenW+0x000000000000001a (Hash=0x2e3a5a04.0x79532c61)
The data from the faulting address is later used to determine whether or not a branch is taken. 
Download Here.


  1. Hey there! I don't know for sure how it happened, but right after downloading your exploit something went wrong with my player and it stops to work with any of files as it supposed to... I wander through some blog posts looking for someone who had the same issue and one noname from Reddit suggested me to use this tool in order to fix all corrupted file associations that appeared. And it worked out in a perfect way, so now I can open any of my videos again as well as open mpg file I think you should to check this exploit again - I'm not really sure that this is the way how it should works...

  2. The article is much informative which i was searching for .Nice intro good explanation thanks for sharing.