It’s been a while since the last post about exploitation on this blog. This time, we try to explain a stack based overflow on a software called Cyberlink LabelPrint. The software serves as a tool to assist in designing labels for CD / DVD covers. Cyberlink LabelPrint is included in the installation of Cyberlink Power2Go, PowerDVD, and Power Producer software and also pre-installed in the latest laptop by Lenovo, HP, and Asus.

After playing around with unicode stack overflow, I try to do it on an application called AllPlayer. Techniques used are not much different, so the result will be the same as the previous exploits. This application never seems to be updated by the developer, ironically this application is widely used.

EternalBlue dapat digunakan untuk melakukan eksploitasi pada layanan Server Message Block (SMB) tanpa membutuhkan proses otentikasi. Kemudian ditambah dengan menggunakan DoublePulsar untuk mengirim sekaligus mengeksekusi malicious Dynamic-Link Libraries (DLL) atau raw shellcode pada komputer korban.