Nsasoft SpotAuditor
cpe:2.3:a:nsauditor:spotauditor:*:*:*:*:*:*:*
- 5.3.2
A local buffer overflow vulnerability has been identified in SpotAuditor version 5.3.2, specifically within the Base64 Encrypted Password tool. An attacker can execute arbitrary code by crafting a malicious Base64-encoded payload that overwrites the Structured Exception Handler (SEH) and redirects execution to shellcode on the affected system.
Impact: successful exploitation of the local buffer overflow results in arbitrary code execution on the vulnerable system, because the overwritten Structured Exception Handler (SEH) hands control to the attacker's shellcode.
To reproduce this vulnerability, download and install SpotAuditor 5.3.2. After installation, navigate to the 'Base64 Encrypted Password' tool. Use a Python script to generate a Base64-encoded file (poc.txt) containing a buffer of 'A' characters. Copy the payload from poc.txt, paste it into the Base64 Encrypted Password field, and click 'Decrypt'. The application will crash, demonstrating the denial-of-service aspect of the exploit. For the buffer overflow exploitation, the same steps can be followed, but the Python script should be modified to include a shellcode payload instead of just 'A' characters.