Backdoor.Win32.NinjaSpy.c Remote Stack Buffer Overflow
Posted by deepcore on January 9, 2021 – 5:35 am
Backdoor.Win32.NinjaSpy.c suffers from a remote stack buffer overflow vulnerability. The specimen drops a DLL named “cmd.dll” under C:\WINDOWS, which listens on both TCP ports 2003 and 2004. By sending consecutive HTTP PUT requests with large payloads of characters, we can cause a buffer overflow.
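A host triage check for the two listening ports named above, as an added example that is not part of the original advisory: it parses `netstat -ano` output and reports any PID listening on both TCP 2003 and 2004. The sample output is constructed, the function names are hypothetical, and it assumes both listeners belong to the one process that loaded the DLL.

```python
"""Triage helper: flag a process listening on both TCP 2003 and 2004."""
from collections import defaultdict

# Ports the advisory says the dropped cmd.dll listens on.
NINJASPY_PORTS = frozenset({2003, 2004})

# Constructed sample of `netstat -ano` output (not captured from a real host).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       912
  TCP    0.0.0.0:2003           0.0.0.0:0              LISTENING       3340
  TCP    0.0.0.0:2004           0.0.0.0:0              LISTENING       3340
  TCP    0.0.0.0:2004           0.0.0.0:0              LISTENING       5120
  TCP    10.0.0.5:49712         10.0.0.9:2003          ESTABLISHED     4488
  TCP    [::]:445               [::]:0                 LISTENING       4
  UDP    0.0.0.0:2003           *:*                                    1776
"""


def listening_ports_by_pid(netstat_text):
    """Map PID -> set of TCP ports that PID holds in LISTENING state."""
    listeners = defaultdict(set)
    for line in netstat_text.splitlines():
        fields = line.split()
        # TCP rows have five columns; UDP rows lack a State column and are skipped.
        if len(fields) != 5 or fields[0].upper() != "TCP":
            continue
        if fields[3].upper() != "LISTENING":
            continue
        # rpartition copes with IPv6 local addresses such as [::]:445
        _, _, port = fields[1].rpartition(":")
        if port.isdigit() and fields[4].isdigit():
            listeners[int(fields[4])].add(int(port))
    return dict(listeners)


def suspect_pids(netstat_text, ports=NINJASPY_PORTS):
    """PIDs listening on every port in `ports` (assumption: one process owns both)."""
    by_pid = listening_ports_by_pid(netstat_text)
    return sorted(pid for pid, open_ports in by_pid.items() if ports <= open_ports)


if __name__ == "__main__":
    for pid in suspect_pids(SAMPLE_NETSTAT):
        print(f"PID {pid} listens on both 2003 and 2004; check its modules for cmd.dll")
```

A hit is only a lead: confirm it by checking whether the flagged process has cmd.dll loaded from C:\WINDOWS.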