Pwning Script Kiddies – Acunetix Buffer Overflow

Introduction

Recently a security researcher named “Danor Cohen – An7i” found a buffer overflow vulnerability and wrote a nice exploit for Acunetix Web Vulnerability Scanner 8.0. As this exploit was an ASCII-based one, I was interested in rewriting it, because my previous exploit was also ASCII-based. However, with the emergence of bug bounties and responsible disclosure policies I’ve seen many people firing up web application security scanners against live hosts where automated vulnerability assessments are not permitted at all. Well, by triggering this buffer overflow vulnerability we can have some fun owning the noobs 😉

Crash

When we submit a new website to be scanned by Acunetix, it searches for HTML tags like <img src="">, <a href=""> to discover additional hosts from that website. So if we place an HTML tag in the page like …
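To make the host-discovery step concrete, here is an added example (not code from the original post, and not Acunetix's own implementation) of a crawler-side extractor that collects hostnames from exactly the two tags the post names, `<img src>` and `<a href>`. It assumes a constructed sample page and a 253-character upper bound on a hostname (the RFC 1035 FQDN limit); the point of the bound is the defensive one: a scanner that copies an attacker-controlled attribute into a fixed-size buffer without a length check is the class of bug this post is about, so oversized values are counted and discarded rather than copied.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumed bound: RFC 1035 limits a fully qualified domain name to 253 octets.
MAX_HOST_LEN = 253


class HostExtractor(HTMLParser):
    """Collect hostnames referenced by <img src> and <a href> tags.

    Hosts longer than MAX_HOST_LEN are never copied into the result list;
    their length is recorded in `rejected` so the caller can log them.
    """

    TAG_ATTR = {"img": "src", "a": "href"}

    def __init__(self):
        super().__init__()
        self.hosts = []      # unique hostnames, in order of first appearance
        self.rejected = []   # lengths of hostnames that exceeded the bound

    def handle_starttag(self, tag, attrs):
        attr = self.TAG_ATTR.get(tag)
        if attr is None:
            return
        for name, value in attrs:
            if name != attr or not value:
                continue
            host = urlparse(value).hostname
            if not host:
                continue  # relative link: same host, nothing new to discover
            if len(host) > MAX_HOST_LEN:
                # Length check before any copy/storage of attacker-controlled data.
                self.rejected.append(len(host))
                continue
            if host not in self.hosts:
                self.hosts.append(host)


def extract_hosts(html):
    """Return (hosts, rejected_lengths) for the given page body."""
    parser = HostExtractor()
    parser.feed(html)
    parser.close()
    return parser.hosts, parser.rejected


# Constructed sample page: two normal external references, one relative link,
# and one <img src> whose hostname is far longer than any real domain.
SAMPLE_HTML = (
    "<html><body>"
    '<img src="http://img.example.com/logo.png">'
    '<a href="https://cdn.example.net/page">link</a>'
    '<a href="/relative/path">local</a>'
    '<img src="http://' + "a" * 5000 + '.example/x.png">'
    "</body></html>"
)

if __name__ == "__main__":
    hosts, rejected = extract_hosts(SAMPLE_HTML)
    print("discovered hosts:", hosts)
    print("rejected oversized hostnames (lengths):", rejected)
```

Running it on the constructed page yields the two real hosts and one rejected entry of length 5008; the oversized value never reaches the host list, which is the behaviour a scanner's crawler needs so that a page it fetches cannot dictate how much data lands in its own buffers.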