# Date: [23/01/2015]
# Exploit Author: [Kapil Soni (Haxinos)]
# Twitter: @Haxinos
# Vendor Homepage: [http://www.aimp.ru/]
# Software Link: [https://drive.google.com/file/d/0B0hkLvGZtoWUcGl5R21LQTZYaHM/view?usp=sharing]
# Version: [AIMP 3.60.1470]
# Tested on: [Windows XP SP2]
Product Information:
=========================
**Multi-format Playback:
------------------------
.CDA, .AAC, .AC3, .APE, .DTS, .FLAC, .IT, .MIDI, .MO3, .MOD, .M4A, .M4B, .MP1, .MP2, .MP3,
.MPC, .MTM, .OFR, .OGG, .OPUS, .RMI, .S3M, .SPX, .TAK, .TTA, .UMX, .WAV, .WMA, .WV, .XM
**Output supports
------------------
DirectSound / ASIO / WASAPI / WASAPI Exclusive
**18-band equalizer and built-in sound effects
----------------------------------------------
Reverb, Flanger, Chorus, Pitch, Tempo, Echo, Speed, Bass, Enhancer, Voice Remover
32-bit audio processing
For the best quality!
**Work with multiple playlists
------------------------------
While one plays - you work with another
Internet radio
Listen internet-radio stations in OGG / WAV / MP3 / AAC / AAC+ formats
Capture stream to APE, FLAC, OGG, WAV, WV, WMA and MP3 formats
Capture stream as is for MP3 / AAC / AAC+ formats
Work with few playlists:
-------------------------
Personal appearance settings of even playlist
Ability to block content from changes
Ability to synchronize playlist content with folder or another playlist
Multithreading encoding
-----------------------
Few encoding modes
Single source - single result / All sources - single result (with ability to generate CUE Sheet)
Encode to popular formats
Encode to APE, MP3, FLAC, OGG, WAV, WMA, MusePack and WavPack formats
Audio CD Grabber
----------------
Allow you to import audio data from Audio CD
An ability to change format of input audio stream?
Shut down the computer after conversion operation
Audio Library
--------------
Represents the music files organizer, which allows you easily organize your music, set marks for listened Tracks, keeping playback statistics.
Alarm Clock
-----------
You can choose playback start time of selected track with smooth volume increasing.
Wake up the computer from sleeping mode is supported.
Auto shutdown the computer
---------------------------
You can sleep while listening favorite music, just set the timer to shutdown the computer at given time or on playback finish.
Debugging & Error Logs:
========================
(7d8.1fc): Access violation - code c0000005 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
eax=024a2340 ebx=00420070 ecx=00410041 edx=00410041 esi=02492310 edi=004186e4
eip=00577e73 esp=0012fbe0 ebp=0012fc54 iopl=0 nv up ei pl zr na pe nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00010246
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\Program Files\AIMP3\AIMP.Runtime.dll -
AIMP_Runtime!SystemAtomicXchgInt64$qqrrjj+0x407:
*** ERROR: Module load completed but symbols could not be loaded for C:\Program Files\AIMP3\AIMP3.exe
00577e73 8911 mov dword ptr [ecx],edx ds:0023:00410041=004101c9
Missing image name, possible paged-out or corrupt data.
Missing image name, possible paged-out or corrupt data.
Steps for Reproduce (Access Violation):
==========================
1) Open AIMP Player and rename the playlist or press ALT+R
2) put "A" - 40000 times or more and click on OK.
3) Now press cntrl+s for save playlist, and application got crashed.
Exploitation Technique:
=======================
Local (Overflow, Crash PoC)
Status:
==========
Reported
Author:
=======
Kapil Soni (@Haxinos)
0 comments:
Post a Comment