I would like to make a contribution to Metasploit with a module for "CVE-2012-0270: Csound util/heti_main.c getnum() Function hetro File Handling Remote Overflow", with the hope you find it useful. (Really the exploit is exploiting the same vuln in util/heti_import.c.)
It's a FILEFORMAT exploit which generates a tabulated file to import through Csound with a command like:
csound -U het_import msf.csd file.het
Warning: This exploit doesn't work if the het_import command is used directly!
The Csound version used for exploit development can be downloaded from: http://sourceforge.net/projects/csound/files/csound5/csound5.15/Csound5.15-gnu-win32-d.exe/download
I've tested on XP SP3 and W7 SP1 successfully with windows/exec and windows/meterpreter_reverse_tcp.
Finally, I'm learning and training in exploit writing and Metasploit dev, so any feedback about the code is welcome!
Regards,
juan