Allok Fast AVI MPEG Splitter Stack-Based Buffer Overflow Vulnerability Allowing Arbitrary Code Execution
Vulnerability
A stack-based buffer overflow vulnerability has been identified in Allok Fast AVI MPEG Splitter version 1.2. This vulnerability allows local attackers to execute arbitrary code by providing a malicious license name string. Exploitation involves crafting a payload with 780 bytes of junk data followed by structured shellcode, which is then placed in the License Name field to trigger the overflow and execute code with the application's privileges.
Impact
Exploitation of this vulnerability allows for arbitrary code execution with the privileges of the application.
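A defensive counterpart to the License Name overflow described above, added here as an example and not taken from the vendor's code: the field is copied into a fixed stack buffer only after a bounded length and character check, and oversized input is rejected rather than copied. The 64-byte limit and the names store_license_name and register_with_length are assumptions made for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Assumed limit for illustration; the page does not state the real buffer size. */
#define LICENSE_NAME_MAX 64
enum name_status { NAME_OK, NAME_NULL, NAME_EMPTY, NAME_TOO_LONG, NAME_BAD_CHAR };

/* Copy a license name into dst only if it fits completely (terminator included)
 * and is printable. Oversized input is rejected, not truncated, and nothing is
 * ever written past dst[dst_size - 1]. */
enum name_status store_license_name(char *dst, size_t dst_size, const char *input)
{
    size_t len = 0;
    if (dst == NULL || input == NULL || dst_size == 0)
        return NAME_NULL;
    dst[0] = '\0';                      /* dst stays a valid string on failure */
    /* Bounded scan: never trusts the input to be terminated within dst_size. */
    while (len < dst_size && input[len] != '\0') {
        if (!isprint((unsigned char)input[len]))
            return NAME_BAD_CHAR;
        len++;
    }
    if (len == dst_size)
        return NAME_TOO_LONG;           /* no room left for the terminator */
    if (len == 0)
        return NAME_EMPTY;
    memcpy(dst, input, len + 1);        /* len + 1 <= dst_size is guaranteed */
    return NAME_OK;
}

/* Hypothetical handler: builds a field of n filler bytes, as an oversized
 * paste would, and passes it to a fixed stack buffer via the checked copy. */
int register_with_length(size_t n)
{
    char field[1024] = {0};             /* constructed sample input */
    char name[LICENSE_NAME_MAX];
    if (n >= sizeof field)
        n = sizeof field - 1;
    memset(field, 'A', n);
    return (int)store_license_name(name, sizeof name, field);
}

int main(void)
{
    printf("63 bytes -> %d, 64 bytes -> %d, 800 bytes -> %d\n",
           register_with_length(63), register_with_length(64), register_with_length(800));
    return 0;
}
```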
Reproduction
To reproduce this vulnerability, download and install Allok Fast AVI MPEG Splitter version 1.2. After installation, run the application and navigate to the registration section. Use a Python script to generate a payload that includes 780 bytes of junk data, followed by a return address and shellcode. Save this payload to a text file, then copy the contents of the file and paste them into the License Name field. Enter some random characters in the License Code field and click Register. This will trigger the buffer overflow, resulting in the execution of the injected shellcode, which in this case can be modified to execute any desired command.
