Domain Quester Pro Stack Overflow Vulnerability Allowing Arbitrary Code Execution

A stack overflow vulnerability has been identified in Domain Quester Pro version 6.02. This vulnerability allows remote attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) registers. Exploitation involves crafting a malicious payload that targets the 'Domain Name Keywords' input field, triggering an access violation that can be exploited to execute a bind shell on port 9999.

Impact

Exploitation of this vulnerability leads to arbitrary code execution on the affected system.

Reproduction

To reproduce this vulnerability, first generate a payload that will create a bind shell listening on TCP port 9999. This can be done using a Python script that incorporates shellcode into a text file. Once the payload is prepared, copy the contents of the file into the clipboard. After that, install and open Domain Quester Pro 6.02. In the application, navigate to the 'Domain Name Keywords' section and paste the payload into the provided textbox. Clicking 'OK' will trigger the vulnerability, causing the program to freeze while the bind shell is activated in the background.